Changes

         <th width=325; style="border-bottom: 1px solid white;></th>

         <th width=325; style="border-bottom: 1px solid white;></th>

         <th width=820; style="border-bottom: 1px solid white;" rowspan=2;>

         <th width=820; style="border-bottom: 1px solid white;" rowspan=2;>

[[File:Networking_RUTX_VPN_between_HQ_topology_v3.png|border|class=tlt-border|750px|right]]</th>

[[File:Networking_rutos_configuration_example_l2tp_over_ipsec_android_topology_v1.png|border|class=tlt-border|750px|right]]</th>

     </tr>

     </tr>

     <tr>

     <tr>

* At least one Android device

* At least one Android device

The topology above depicts the L2TP/IPsec scheme. - The router with the Public IP address ('''''RUTX11''''') acts as the '''L2TP/IPsec server''' and the '''Android device''' acts as '''client'''. L2TP connects the networks of '''RUTX11''' and '''Android client''', IPsec provides the encryption for the L2TP tunnel. Created VPN tunnel will allow Android device to reach home network behind the RUTX11 router, but the rest of Android device network traffic will not be redirected through VPN. This way the VPN tunnel will not be under a huge load and will provide greater speeds.

The topology above depicts the L2TP/IPsec scheme. The router with the Public IP address ('''RUTX''') acts as the '''L2TP/IPsec server''' and the '''Android device''' acts as '''client'''. L2TP connects the networks of '''RUTX''' and '''Android client''', IPsec provides the encryption for the L2TP tunnel. Created VPN tunnel will allow Android device to reach home network behind the RUTX router, but the rest of Android device network traffic will not be redirected through VPN. This way the VPN tunnel will not be under a huge load and will provide greater speeds.

When the scheme is realized, you will be able to reach your home internal network with all internal systems, cameras, or other IOT devices globally.

When the scheme is realized, you will be able to log on to your home network from anywhere - work, hotel, car. You will have access to all of your home resources, and your data will still be secure, even if you will be using public WiFi.

==Configuring home router (RUTX)==

==Configuring home router (RUTX)==

     <tr>

     <tr>

         <td style="border-bottom: 1px solid white;>

         <td style="border-bottom: 1px solid white;>

Login to the router's WebUI and navigate to the '''Services → VPN → L2TP''' page and do the following:

Login to the router's WebUI, navigate to the '''Services → VPN → L2TP''' page and do the following:

<ol>

<ol>

     <li>Enter a '''custom configuration name'''.</li>

     <li>Enter a '''custom configuration name'''.</li>

     <tr>

     <tr>

         <td style="border-bottom: 1px solid white>

         <td style="border-bottom: 1px solid white>

Go to the '''Services → VPN → IPsec''' page and do the following:

Now go to the '''Network → Firewall → General Settings''' page and press '''Edit''' button next to the L2TP forward rule:

      <li>Click the '''Edit''' button next to the newly created instance.</li>

         </td>

         </td>

     </tr>

     </tr>

     <tr>

     <tr>

         <td style="border-bottom: 1px solid white>

         <td style="border-bottom: 1px solid white>

<ol>     

<ol>     

       <li>'''Enable''' the instance.</li>

       <li>Set '''Forward: accept'''.</li>

      <li>Enter your '''Pre-shared key'''.</li>

       <li>Select '''Covered networks: LAN'''.</li>

       <li>Select '''Type: Transport'''.</li>

      <li>Go to '''Phase 2''' settings and also set '''DH group''' to '''MODP1024'''.</li>

       <li>'''Save''' changes.</li>

       <li>'''Save''' changes.</li>

</ol>

</ol>

         <th width=525; style="border-bottom: 1px solid white;"></th>

         <th width=525; style="border-bottom: 1px solid white;"></th>

         <th width=620; style="border-bottom: 1px solid white;" rowspan=2>

         <th width=620; style="border-bottom: 1px solid white;" rowspan=2>

[[File:Networking_rutos_configuration_example_l2tp_over_ipsec_android_6_v2.png|border|class=tlt-border|300px|center]]</th>

[[File:Networking_rutos_configuration_example_l2tp_over_ipsec_android_6_v3.png|border|class=tlt-border|300px|center]]</th>

     </tr>

     </tr>

     <tr>

     <tr>

         <th width=525; style="border-bottom: 1px solid white;"></th>

         <th width=525; style="border-bottom: 1px solid white;"></th>

         <th width=620; style="border-bottom: 1px solid white;" rowspan=2>

         <th width=620; style="border-bottom: 1px solid white;" rowspan=2>

[[File:Networking_rutos_configuration_example_l2tp_over_ipsec_android_7_v2.png|border|class=tlt-border|300px|center]]</th>

[[File:Networking_rutos_configuration_example_l2tp_over_ipsec_android_7_v3.png|border|class=tlt-border|300px|center]]</th>

     </tr>

     </tr>

     <tr>

     <tr>

         <ol>

         <ol>

             <li>Write the '''DNS servers''' you are planning to use (in this example we used google DNS servers).</li>

             <li>Write the '''DNS servers''' you are planning to use (in this example we used google DNS servers).</li>

             <li>Add '''Forwarding routes''' (RUTX11 LAN network).</li>

             <li>Add '''Forwarding routes''' (RUTX LAN network).</li>

             <li>'''Save''' settings.</li>

             <li>'''Save''' settings.</li>

         </ol>

         </ol>

     </tr>

     </tr>

</table>

</table>

'''Disclaimer:'''

'''Disclaimer:'''

This configuration example was created by using Android version 10. The IPsec '''Phase 1''' and '''Phase 2''' settings, which were used in this configuration example, might not work with other Android versions and might require adjustment.

This configuration example was created by using Android version 10. The IPsec '''Phase 1''' and '''Phase 2''' settings, which were used in this configuration example, might not work with other Android versions and might require adjustment.