489
edits
Changes
no edit summary
----
----
*'''Server configuration''':
*'''Server configuration''':
[[File:L2tpoveripsecl2tpserverconfiguration_newf.png|left]]
[[File:L2tpoveripsecl2tpserverconfiguration_newf.png|border|class=tlt-border|1100px]]
*'''Enable''' - when checked, enables the instance
*'''Enable''' - when checked, enables the instance
*'''Local IP''' - the server's virtual IP address
*'''Local IP''' - the server's virtual IP address
Login to the router's WebUI and navigate to '''Services → VPN → IPsec'''. Enter a custom name for your IPsec instance and click the "Add" button. Then click the "Edit" button located next to the newly created instance after which you will redirected to that instance's configuration window. Adhere to the configurations presented in the figure below:
Login to the router's WebUI and navigate to '''Services → VPN → IPsec'''. Enter a custom name for your IPsec instance and click the "Add" button. Then click the "Edit" button located next to the newly created instance after which you will redirected to that instance's configuration window. Adhere to the configurations presented in the figure below:
[[File:L2tpoveripsecserver1f.png|left|L2tpoveripsecserver1]]
[[File:L2tpoveripsecserver1f.png|left|L2tpoveripsecserver1|border|class=tlt-border]]
[[File:L2tpoveripsecserver2f.png|left|L2tpoveripsecserver2]]
[[File:L2tpoveripsecserver2f.png|left|L2tpoveripsecserver2|border|class=tlt-border]]
*'''Remote VPN endpoint''' - IP address or hostname of the remote IPsec instance. '''Leave empty''' for the server configuration
*'''Remote VPN endpoint''' - IP address or hostname of the remote IPsec instance. '''Leave empty''' for the server configuration
*'''Enable''' - if checked, enables the IPsec instance
*'''Enable''' - if checked, enables the IPsec instance
To configure a windows PC as a client, you can use the already developed VPN function. To do this, select the search bar and type "Add a VPN connection". Then select the "Add VPN" option.
To configure a windows PC as a client, you can use the already developed VPN function. To do this, select the search bar and type "Add a VPN connection". Then select the "Add VPN" option.
*'''Client configuration''':
*'''Client configuration''':
[[File:WindowsVPNconfigf.png|left|WindowsVPNconfig]]
[[File:WindowsVPNconfigf.png|left|WindowsVPNconfig|border|class=tlt-border|1100px]]
*'''VPN provider''' - VPN provider to be configured. In our case we select the "Windows (build-in)" option.
*'''VPN provider''' - VPN provider to be configured. In our case we select the "Windows (build-in)" option.
*'''Connection name''' - enter a custom name.
*'''Connection name''' - enter a custom name.
If you've followed all the steps presented above, your configuration should be finished. But as with any other configuration, it is always wise to test the setup in order to make sure that it works properly. The simplest way to test an IPsec connection is using the ipsec status command. You can execute this command via a command line interface (CLI). A CLI is present in all RUTxxx routers' WebUIs. To access it, login to the routers' WebUI and navigate to ''' Services''' → ''' CLI''' . Login to CLI with the user name root and the router's admin password. Then simply the ipsec status and press the "Enter" key:
If you've followed all the steps presented above, your configuration should be finished. But as with any other configuration, it is always wise to test the setup in order to make sure that it works properly. The simplest way to test an IPsec connection is using the ipsec status command. You can execute this command via a command line interface (CLI). A CLI is present in all RUTxxx routers' WebUIs. To access it, login to the routers' WebUI and navigate to ''' Services''' → ''' CLI''' . Login to CLI with the user name root and the router's admin password. Then simply the ipsec status and press the "Enter" key:
[[File:Ipseccorrectlyfinal2.png|left|Ipseccorrectlyfinal2]]
[[File:Ipseccorrectlyfinal2.png|left|Ipseccorrectlyfinal2|border|class=tlt-border|1100px]]
As you can see, executing ipsec status displays the number of active/inactive IPsec connections. If the connection you just configured is the only IPsec connection that you're using, you should a 1 up indication next to Security Associations.
As you can see, executing ipsec status displays the number of active/inactive IPsec connections. If the connection you just configured is the only IPsec connection that you're using, you should a 1 up indication next to Security Associations.
To test an L2TP connection. You should then be able to ping the opposite instance, i.e., if you logged in to the server's CLI, you should be able to ping the client's virtual IP address, and vice versa. To use a ping command, type ''' ping <ip_address>''' and press the ''' Enter''' key on your keyboard:
To test an L2TP connection. You should then be able to ping the opposite instance, i.e., if you logged in to the server's CLI, you should be able to ping the client's virtual IP address, and vice versa. To use a ping command, type ''' ping <ip_address>''' and press the ''' Enter''' key on your keyboard:
[[File:L2tpcorrectlyfinal.png|left|L2tpcorrectly]]
[[File:L2tpcorrectlyfinal.png|left|L2tpcorrectly|border|class=tlt-border|1100px]]
If the ping requests are successful, congratulations, your setup works! If not, we suggest that you review all steps once more.
If the ping requests are successful, congratulations, your setup works! If not, we suggest that you review all steps once more.
