L2TP over IPsec RutOS: Difference between revisions
→Testing the setup
(3 intermediate revisions by the same user not shown) | |||
Line 64: | Line 64: | ||
When you're done with the configuration, you should test whether it works before you move on. The simplest way to test an IPsec connection is using the '''ipsec status''' command. You can execute this command via a command line interface (CLI). A CLI is present in all RUTxxx routers' WebUIs. To access it, login to one of the routers' WebUI (doesn't matter which one) and navigate to '''Services → CLI'''. Login to CLI with the user name '''root''' and the router's admin password. Then simply the ''ipsec status'' and press the "Enter" key: | When you're done with the configuration, you should test whether it works before you move on. The simplest way to test an IPsec connection is using the '''ipsec status''' command. You can execute this command via a command line interface (CLI). A CLI is present in all RUTxxx routers' WebUIs. To access it, login to one of the routers' WebUI (doesn't matter which one) and navigate to '''Services → CLI'''. Login to CLI with the user name '''root''' and the router's admin password. Then simply the ''ipsec status'' and press the "Enter" key: | ||
[[File:Networking rutxxx configuration examples ipsec status | [[File:Networking rutxxx configuration examples ipsec status v3.png|border|class=tlt-border]] | ||
As you can see, executing ''ipsec status'' displays the number of active/inactive IPsec connections. If the connection you just configured is the only IPsec connection that you're using, you should a '''1 up''' indication next to Security Associations. | As you can see, executing ''ipsec status'' displays the number of active/inactive IPsec connections. If the connection you just configured is the only IPsec connection that you're using, you should a '''1 up''' indication next to Security Associations. | ||
Line 77: | Line 77: | ||
---- | ---- | ||
* '''Server configuration''': | * '''Server configuration''': | ||
[[File:Networking rutxxx configuration examples l2tp server configuration v2.png|border|class=tlt-border|1100px]] | |||
# '''Enable''' - when checked, enables the instance | |||
# '''Local IP''' - the server's virtual IP address | |||
# '''Remote IP range''' parameters - the range of virtual IP addresses that will be assigned to connecting clients | |||
# '''User name''' and '''Password''' - authentication information used to authenticate connecting clients | |||
---- | ---- | ||
* '''Client configuration''': | * '''Client configuration''': | ||
[[File:Networking rutxxx configuration l2tp client configuration | [[File:Networking rutxxx configuration l2tp client configuration v2.png|border|class=tlt-border|1100px]] | ||
# '''Enable''' - when checked, enables the instance | |||
# '''Server''' - L2TP server's Public IP address | |||
# '''User name''' and '''Password''' - authentication information. Used the values specified in the Server's configuration | |||
==Testing the setup== | ==Testing the setup== | ||
Line 97: | Line 96: | ||
If you've followed all the steps presented above, your configuration should be finished. But as with any other configuration, it is always wise to test the setup in order to make sure that it works properly. We already tested the IPsec connection in the '''[[L2TP_over_IPsec#Testing_the_connection|3.1.3]]''' section of this article. To test an L2TP connection, login to one of the routers' WebUIs and go to '''Services → CLI'''. Login with user name: '''root''' and the router's admin password. You should then be able to '''ping''' the opposite instance, i.e., if you logged in to the server's CLI, you should be able to ping the client's virtual IP address, and vice versa. To use a ping command, type '''ping <ip_address>''' and press the "Enter" key on your keyboard: | If you've followed all the steps presented above, your configuration should be finished. But as with any other configuration, it is always wise to test the setup in order to make sure that it works properly. We already tested the IPsec connection in the '''[[L2TP_over_IPsec#Testing_the_connection|3.1.3]]''' section of this article. To test an L2TP connection, login to one of the routers' WebUIs and go to '''Services → CLI'''. Login with user name: '''root''' and the router's admin password. You should then be able to '''ping''' the opposite instance, i.e., if you logged in to the server's CLI, you should be able to ping the client's virtual IP address, and vice versa. To use a ping command, type '''ping <ip_address>''' and press the "Enter" key on your keyboard: | ||
[[File:Networking rutxxx configuration examples l2tp over ipsec ping | [[File:Networking rutxxx configuration examples l2tp over ipsec ping v2.png|border|class=tlt-border|600px]] | ||
If the ping requests are successful, congratulations, your setup works! If not, we suggest that you review all steps once more. | If the ping requests are successful, congratulations, your setup works! If not, we suggest that you review all steps once more. |