54
Figure 51 VPN Mode Screen
L2TP Configuration
If you have enabled L2TP over IPSec you must enter the following
items:
1 In the IPSec Configuration field, enter This Gateway’s ID as an
Internet IP address or name of the Gateway that you are
configuring. This value is common across all IPSec connections
but does not apply to PPTP connections. If PPTP only is enabled,
This Gateway’s ID field disappears.
2 In the L2TP Configuration field, enter:
■ the Domain Name as an IP address. A Domain Name locates a
website on the Internet.
■ The IPSec Shared Key. This is the key for the connection and
is a combination of letters, numbers and punctuation and can
be up to 64 characters in length. 3Com recommends that the
key and password are not the same. The user will need to
know the IPSec Shared Key to enable connection.
■ In the Encryption Level field, choose either Allow DES tunnels
or Allow 3DES tunnels. 3DES is more secure but may take
longer to encrypt and decrypt.
3DES is not shipped with the Gateway as standard due to
international restrictions on encryption. If your country permits its
use it can be downloaded from the 3Com web site at
http://www.3com.com/
3 To set up the Gateway for L2TP over IPSec you must allocate IP
addresses from the Gateway’s LAN for use with L2TP over IPSec.
The connections made by L2TP over IPSec will appear to come
from these addresses. The addresses must be in a continuous
range.
In the Address Pool for PPTP and L2TP clients field enter:
■ The first LAN address you wish to reserve for L2TP over IPSec
in the First Remote IP Address field.
■ The last LAN address you wish to reserve for L2TP over IPSec
in the Last Remote IP Address field.
If PPTP mode is selected, then the Address Pool is the same for
PPTP and L2TP over IPSec clients.
These addresses must be within the Gateway’s LAN subnet and
must not form part of the DHCP pool..
4 Click Apply to save your changes.
dua08 569-5aaa02.book Pag e 54 Thursday , Novem ber 7 , 2002 3:09 PM