Filter
Top Products
294 | VirtualPrivateNetworks DellPowerConnectW-SeriesArubaOS6.2 | User Guide
Configuring VPN Dialer
Use the following procedures to configure the VPN dialer via the WebUI or command-line interfaces
In the WebUI
1. Navigate to the Configuration > Advanced Services > VPN Services > Dialerspage. Click Addto add a new
dialer or click the Edittab to edit an existing dialer.
2. Enter the Dialer Name that is used to identify this setting.
3. Configure the dialer to work with PPTP or L2TP by selecting Enable PPTP or Enable L2TP.
4. Select the authentication protocol. This should match the L2TP or PPTP authentication type configured for the
VPN in the Configuration > Advanced Services > VPN Services > IPSEC window.
5. (Optional) Select Send Direct Network Traffic In Clear to enable “split tunneling” functionality so that traffic
destined for the internal network is tunneled while traffic for the Internet is not.
This option is not recommended for security reasons
.
6. (Optional) Select Disable Wireless Devices When Client is Wired to allow the dialer to shut down the wireless
interface when it detects that a wired network connection is in use.
7. (Optional) Select Enable SecurID New and Next Pin Mode to enable site-to-site VPN support for SecurID new
and next pin modes.
8. For L2TP:
n Set the IKE Hash Algorithm to the value defined in the IKE policy on the Advanced Services > VPN
Services > IPSEC window.
n If a preshared key is configured for an IKE Shared Secret in the VPN Services > IPSEC window, enter the
key.
n The key you enter in the Dialers window must match the preshared key configured on the IPsec page.
n Select the IPsec Mode Group that matches the Diffie Hellman Group configured for the IPsec policy.
n Select the IPsec Encryption that matches the Encryption configured for the IPsec policy.
n Select the IPsec Hash Algorithm that matches the Hash Algorithm configured for the IPsec policy.
9. Click Doneto apply the changes made prior to navigating to another page.
In the CLI
Issue the following commands to configure the VPN dialer via the CLI:
(host(config) #vpn-dialer <name>
enable {dnctclear|l2tp|pptp|secureid_newpinmode|wirednowifi}
ike authentication {pre-share <key>|rsa-sig}
ike encryption {3des|des}
ike group {1|2}
ike hash {md5|sha}
ipsec encryption {esp-3des|esp-des}
ipsec hash {esp-md5-hmac|esp-sha-hmac}
ppp authentication {cache-securid|chap|mschap|mschapv2|pap}
Assigning a Dialer to a User Role
The VPN dialer can be downloaded using Captive Portal. For the user role assigned through Captive Portal,
configure the dialer by the name used to identify the dialer.
For example, if the captive portal client is assigned the
guest
role after logging on through captive portal and the
dialer is called
mydialer
, configure
mydialer
as the dialer to be used in the guest role.