567
edits
Changes
no edit summary
[[File:L2tpoveripsecserver1f.png|left|L2tpoveripsecserver1|border|class=tlt-border|1100px]]
[[File:L2tpoveripsecserver1f.png|left|L2tpoveripsecserver1|border|class=tlt-border|1100px]]
[[File:L2tpoveripsecserver2f.png|left|L2tpoveripsecserver2|border|class=tlt-border|1100px]]
[[File:L2tpoveripsecserver2f.png|left|L2tpoveripsecserver2|border|class=tlt-border|1100px]]
[[File:Custom options configuration v1.png|center|L2tpoveripsecserverIKE|border|class=tlt-border]]
[[File:Custom options configuration v3.png|center|L2tpoveripsecserverCustom|border|class=tlt-border]]
*'''Remote VPN endpoint''' - IP address or hostname of the remote IPsec instance. '''Leave empty''' for the server configuration
*'''Remote VPN endpoint''' - IP address or hostname of the remote IPsec instance. '''Leave empty''' for the server configuration
*'''Enable''' - if checked, enables the IPsec instance
*'''Enable''' - if checked, enables the IPsec instance
*'''Type''' - the type of the connection. '''Transport''' encrypts only the payload and Encapsulating Security Payload (ESP) trailer; so the IP header of the original packet is not encrypted. Transport mode is usually used when another tunneling protocol (such as [[VPN#GRE_Tunnel|GRE]], [[VPN#L2TP|L2TP]]) is used to first encapsulate the IP data packet, then IPsec is used to protect the GRE/L2TP tunnel packets. NAT traversal is not supported with the transport mode.
*'''Type''' - the type of the connection. '''Transport''' encrypts only the payload and Encapsulating Security Payload (ESP) trailer; so the IP header of the original packet is not encrypted. Transport mode is usually used when another tunneling protocol (such as [[VPN#GRE_Tunnel|GRE]], [[VPN#L2TP|L2TP]]) is used to first encapsulate the IP data packet, then IPsec is used to protect the GRE/L2TP tunnel packets. NAT traversal is not supported with the transport mode.
*'''Bind to''' - which interface is going to be bind to the IPsec configuration. The L2TP interface must be selected.
*'''Bind to''' - which interface is going to be bind to the IPsec configuration. The L2TP interface must be selected.
*'''Custom option''' - rekey=0
*'''Encryption algorithm''' - AES 256
*'''Authentication''' - SHA1
*'''Force crypto proposal''' - Enabled
*'''DH group''' - MODP2048
===PC Client===
===PC Client===
To configure a windows PC as a client, you can use the already developed VPN function. To do this, select the search bar and type "Add a VPN connection". Then select the "Add VPN" option.
To configure a windows PC as a client, you can use the already developed VPN function. To do this, select the search bar and type "Add a VPN connection". Then select the "Add VPN" option.
*'''Client configuration''':
*'''Client configuration''':
[[File:WindowsVPNconfigf.png|left|WindowsVPNconfig|border|class=tlt-border]]
[[File:WindowsVPNconfigf.png|left|WindowsVPNconfig|border|class=tlt-border|1100px]]
*'''VPN provider''' - VPN provider to be configured. In our case we select the "Windows (build-in)" option.
*'''VPN provider''' - VPN provider to be configured. In our case we select the "Windows (build-in)" option.
*'''Connection name''' - enter a custom name.
*'''Connection name''' - enter a custom name.
*Other types of VPNs suported by RUTxxx devices:
*Other types of VPNs suported by RUTxxx devices:
**[[L2TP configuration examples]]
**[[L2TP configuration examples RutOS|L2TP configuration examples]]
**[[IPsec configuration examples]]
**[[IPsec RUTOS configuration example|IPsec configuration examples]]
**[[GRE Tunnel configuration examples]]
**[[GRE Tunnel configuration examples RutOS|GRE Tunnel configuration examples]]
**[[OpenVPN configuration examples]]
**[[OpenVPN configuration examples RUT R 00.07|OpenVPN configuration examples]]
**[[PPTP configuration examples]]
**[[PPTP configuration examples RutOS|PPTP configuration examples]]
[[Category:VPN]]
