
DHCP RELAY over L2TPv3 new: Difference between revisions

From Teltonika Networks Wiki
No edit summary
Tags: Mobile edit Mobile web edit
Tags: Mobile edit Mobile web edit
 
(11 intermediate revisions by the same user not shown)
Line 62: Line 62:
#Peer Cookie: '''12ABCDEF'''
#Peer Cookie: '''12ABCDEF'''


[[File:L2tpv3_new_conf_5.png|border|class=tlt-border|1000x1000px]]
[[File:L2tpv3_new_conf_5_1.png|border|class=tlt-border|1000x1000px]]


'''Instance settings'''
'''Instance settings'''
Line 81: Line 81:
==RUT2 DHCP Client Settings (Relay) ==
==RUT2 DHCP Client Settings (Relay) ==


===DHCP Relay===
Login to the router's WebUI and navigate to '''Network → DHCP → Server Settings → IPv4 → DHCPv4 servers → lan → Edit''':
Login to the router's WebUI and navigate to '''Network → DHCP → Server Settings → IPv4 → DHCPv4 servers → lan → Edit''':
General Setup
General Setup
----
----
Line 94: Line 92:
'''Note:''' The IPv4 address of the LAN interface is different from the server's LAN interface address, this is necessary to avoid conflicts.
'''Note:''' The IPv4 address of the LAN interface is different from the server's LAN interface address, this is necessary to avoid conflicts.


===Set up Mobile WAN as Main WAN===
===RUT2 Allow-DHCP-Renew firewall rule changes===
Enter to the router’s WebUI, go to '''Network → Interfaces''' press mouse click on the Mobile Wan interface, then drag it to the 1<sup>st</sup> position and then press '''Save & Apply'''.
----


[[File:Client 02 fix.png|border|class=tlt-border|750x750px]]
Open the router’s WebUI, go to '''Network → Firewall → Traffic rules → Allow-DHCP-Renew -> Edit''' and include destination port 67 inside the rule configuration.


===Modify Enable-DHCP-renew firewall rule===
[[File:L2tpv3_new_conf_8.png|border|class=tlt-border|750x750px]]
Enter in the router’s WebUI, go to '''Network → Firewall → Traffic rules''' to additionally allow destination port 67.


[[File:Client 03.png|border|class=tlt-border|750x750px]]
===RUT2 L2TPv3 Client configraution===
 
----
===Create L2TPv3 instance===
Go to router’s WebUI, under '''Service → VPN → L2TP → L2TPv3''' and create new '''L2TPV3''' instance.
Go to router’s WebUI, under '''Service → VPN → L2TP → L2TPv3''' and create new '''L2TPV3''' instance.


'''LOCAL SETTING'''
'''L2TPv3 instance configuration'''
----
Apply the following configuration:


Local address: '''213.130.XXX.XXX'''
#Local address: '''213.130.XXX.XXX'''
#Tunnel ID: '''10'''
#Session ID: '''10'''
#Cookie: '''12ABCDEF'''
[[File:L2tpv3_new_conf_9.png|border|class=tlt-border|1000x1000px]]
'''Peer settings'''
----
Apply the following configuration:


Tunnel ID: '''10'''
#Peer address: '''84.15.XXX.XXX'''
#Peer Tunnel ID: '''100'''
#Peer Session ID:'''100'''
#Peer Cookie: '''12ABCDEF'''


Session ID: '''10'''
[[File:L2tpv3_new_conf_10.png|border|class=tlt-border|1000x1000px]]


Cookie: '''12ABCDEF'''


'''PEER SETTING'''
'''Instance settings'''
----
Apply the following configuration:


Peer address: '''84.15.XXX.XXX'''
#Bridge to: '''LAN'''
#MTU: '''1500'''
#Encapsulation: '''IP'''
#Layer 2 specific header type: '''Linux Default'''


Peer Tunnel ID: 100
[[File:L2tpv3_new_conf_6.png|border|class=tlt-border|1000x1000px]]
 
Peer Session ID: 100
 
Peer Cookie: 12ABCDEF
 
'''INSTANCE SETTING'''
 
Bridge to: '''LAN'''
 
MTU: '''1500'''
 
Encapsulation: '''IP'''
 
Layer 2 specific header type: '''Linux Default'''
 
[[File:Client 04 fix.png|border|class=tlt-border|750x750px]]


[[File:Server new 04 02.png|border|class=tlt-border|750x750px]]


'''Note:''' Specify on "Local address" your mobile WAN public IP. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end.
'''Note:''' Specify on "Local address" your mobile WAN public IP. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end.
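Review bot: the "RUT2 Allow-DHCP-Renew firewall rule changes" step only says to "include destination port 67 inside the rule configuration" and leaves every other field of the rule to the screenshot; list the resulting rule values as numbered text, the way the L2TPv3 steps do, so the firewall change can be followed and audited without the image. In the same hunk, the new heading "RUT2 L2TPv3 Client configraution" misspells "configuration", the firewall path mixes "->" with "→", and "Peer Session ID:'''100'''" is missing the space after the colon.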

Latest revision as of 22:40, 3 October 2025

Introduction

A DHCP relay agent allows the DHCP clients to obtain IP addresses from a DHCP server that is not configured on the same LAN.

This article provides a configuration example with details on how to set up a DHCP relay over an L2TPv3 VPN.

Prerequisites

You will need:

  • Two RUT or RUTX devices (one as Server and the other as Client)
  • A PC acting as a Host for testing
  • Both routers must have a Public Static or Public Dynamic IP address

Configuration Scheme


RUT1 LAN interface configuration


Login to the router's WebUI and navigate to Network → LAN → LAN interfaces → lan. Click the 'Edit' button on the right side of the interface to set the LAN network address.

General Settings


Apply the following changes:

  1. IPv4 Address: 192.168.10.1

RUT1 DHCP pool configuration


Login to the router's WebUI and navigate to Network → DHCP → Server Settings → IPv4 → DHCPv4 servers → lan → Edit:

General Setup


Make the following changes:

  1. Start IP: 192.168.10.150
  2. End IP: 192.168.10.170

RUT1 L2TPv3 Server Configuration

In the router’s WebUI, go to Service → VPN → L2TPv3 and create a new L2TPv3 instance.

L2TPv3 instance configuration


Apply the following configuration:

  1. Enable: on
  2. Local address: 84.15.XXX.XXX
  3. Tunnel ID: 100
  4. Session ID: 100
  5. Cookie: 12ABCDEF

Peer settings


Apply the following configuration:

  1. Peer address: 213.130.XXX.XXX
  2. Peer Tunnel ID: 10
  3. Peer Session ID: 10
  4. Peer Cookie: 12ABCDEF

Instance settings


Apply the following configuration:

  1. Bridge to: lan
  2. MTU: 1500
  3. Encapsulation: IP
  4. Layer 2 specific header type: Linux Default


Note: In "Local address", specify your mobile WAN public IP. The local Tunnel ID, Session ID and Cookie values must match the peer values configured at the other end.

RUT2 DHCP Client Settings (Relay)

Login to the router's WebUI and navigate to Network → DHCP → Server Settings → IPv4 → DHCPv4 servers → lan → Edit:

General Setup


Make the following changes:

  1. DHCPv4 mode: Relay
  2. DHCP server: 84.15.XXX.XXX

Note: The IPv4 address of the LAN interface is different from the server's LAN interface address; this is necessary to avoid conflicts.

RUT2 Allow-DHCP-Renew firewall rule changes


Open the router’s WebUI, go to Network → Firewall → Traffic rules → Allow-DHCP-Renew → Edit and include destination port 67 in the rule configuration.

RUT2 L2TPv3 Client configuration


In the router’s WebUI, go to Service → VPN → L2TP → L2TPv3 and create a new L2TPv3 instance.

L2TPv3 instance configuration


Apply the following configuration:

  1. Local address: 213.130.XXX.XXX
  2. Tunnel ID: 10
  3. Session ID: 10
  4. Cookie: 12ABCDEF

Peer settings


Apply the following configuration:

  1. Peer address: 84.15.XXX.XXX
  2. Peer Tunnel ID: 100
  3. Peer Session ID: 100
  4. Peer Cookie: 12ABCDEF


Instance settings


Apply the following configuration:

  1. Bridge to: LAN
  2. MTU: 1500
  3. Encapsulation: IP
  4. Layer 2 specific header type: Linux Default


Note: In "Local address", specify your mobile WAN public IP. The local Tunnel ID, Session ID and Cookie values must match the peer values configured at the other end.
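The matching rule in the note above can be checked before either side is saved. The script below is an added example, not part of the wiki article: the `key=value` layout and the function names are made up for the example, the values are the ones listed on this page, and the cookie length check (8 or 16 hex digits, as the Linux `ip l2tp` tool accepts) is assumed to apply to the router as well.

```shell
#!/bin/sh
# Added example (not from the wiki): the two sides exactly as listed on this page.
RUT1="local=84.15.XXX.XXX peer=213.130.XXX.XXX tid=100 sid=100 cookie=12ABCDEF ptid=10 psid=10 pcookie=12ABCDEF"
RUT2="local=213.130.XXX.XXX peer=84.15.XXX.XXX tid=10 sid=10 cookie=12ABCDEF ptid=100 psid=100 pcookie=12ABCDEF"

# get SIDE KEY: print the value of KEY from a "key=value ..." string.
get() {
    for kv in $1; do
        case $kv in
            "$2="*) printf '%s\n' "${kv#*=}"; return 0 ;;
        esac
    done
    return 1
}

# valid_cookie HEX: 8 or 16 hex digits (32- or 64-bit cookie, as ip-l2tp accepts).
valid_cookie() {
    case $1 in
        ''|*[!0-9A-Fa-f]*) return 1 ;;
    esac
    [ "${#1}" -eq 8 ] || [ "${#1}" -eq 16 ]
}

# check_pair A B: print one line per problem; return 0 only when none is found.
check_pair() {
    problems=0
    for pair in local:peer tid:ptid sid:psid cookie:pcookie; do
        mine=${pair%%:*}
        theirs=${pair##*:}
        # Each local value must equal what the other end entered as its peer value.
        if [ "$(get "$1" "$mine")" != "$(get "$2" "$theirs")" ]; then
            echo "A $mine does not match B $theirs"; problems=$((problems + 1))
        fi
        if [ "$(get "$2" "$mine")" != "$(get "$1" "$theirs")" ]; then
            echo "B $mine does not match A $theirs"; problems=$((problems + 1))
        fi
    done
    for c in "$(get "$1" cookie)" "$(get "$2" cookie)"; do
        valid_cookie "$c" || { echo "cookie '$c' is not 8 or 16 hex digits"; problems=$((problems + 1)); }
    done
    [ "$problems" -eq 0 ]
}

check_pair "$RUT1" "$RUT2" && echo "RUT1 and RUT2 mirror each other"
```
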

Testing DHCP over L2TPv3

To test the relay settings, go to the DHCP server and check that devices are able to receive IP addresses in the range 192.168.10.150 - 192.168.10.170, either via LAN port or Wi-Fi. Access the CLI and run cat /tmp/dhcp.leases to list all DHCP clients.

Querying the Address Resolution Protocol (ARP) table is another method of finding hosts on the LAN network.
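The lease check described above can be scripted so that every entry is compared against the RUT1 pool instead of being read by eye. This is an added example, not part of the wiki article: it assumes the lease file uses dnsmasq's format (expiry, MAC, IPv4, hostname, client ID), the function names are made up, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the wiki). Assumes dnsmasq's lease format:
#   <expiry-epoch> <MAC> <IPv4> <hostname> <client-id>
POOL_START=192.168.10.150   # Start IP from the RUT1 DHCP pool
POOL_END=192.168.10.170     # End IP from the RUT1 DHCP pool

# audit_leases [FILE]: print "<verdict> <ip> <mac> <hostname>" for each lease,
# where verdict is IN_POOL, OUTSIDE or MALFORMED. Reads stdin without FILE.
audit_leases() {
    awk -v lo="$POOL_START" -v hi="$POOL_END" '
        # Dotted quad to integer; -1 if it is not four octets in 0..255.
        function ip2n(ip,    o, i, n) {
            if (split(ip, o, ".") != 4) return -1
            n = 0
            for (i = 1; i <= 4; i++) {
                if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return -1
                n = n * 256 + o[i]
            }
            return n
        }
        NF >= 3 {
            n = ip2n($3)
            if (n < 0)                             v = "MALFORMED"
            else if (n < ip2n(lo) || n > ip2n(hi)) v = "OUTSIDE"
            else                                   v = "IN_POOL"
            print v, $3, $2, (NF >= 4 ? $4 : "*")
        }' "$@"
}

# count_flagged [FILE]: number of leases that are not IN_POOL.
count_flagged() {
    audit_leases "$@" | awk '$1 != "IN_POOL" { c++ } END { print c + 0 }'
}

# Constructed sample data (MACs and hostnames are made up for the example).
sample_leases() {
    cat <<'EOF'
1759531200 02:00:00:00:00:01 192.168.10.151 host-pc 01:02:00:00:00:00:01
1759531260 02:00:00:00:00:02 192.168.10.170 * *
1759531320 02:00:00:00:00:03 192.168.10.171 camera *
1759531380 02:00:00:00:00:04 192.168.1.300 unknown *
EOF
}

# On the router: audit_leases /tmp/dhcp.leases
sample_leases | audit_leases
```

An OUTSIDE entry is not necessarily a fault (a static lease can sit outside the pool), but it is an address the relay test alone does not account for.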