Chapter 4 Create Secure Connections Across the Internet
ZyWALL USG 20-2000 User’s Guide
81
3
Click
Configuration > VPN > L2TP VPN
and then
Create New Object > Address
to create an
IP address pool for the L2TP VPN clients. This example uses
L2TP_POOL
with a range of
192.168.10.10 to 192.168.10.20. Click
Create New Object > User/Group
to create a user object
for the users allowed to use the tunnel. This example uses a user object named
L2TP-test
.
Enable the connection.
Set
VPN Connection
to
Default_L2TP_VPN_Connection
.
Set
IP Address Pool
to
L2TP_POOL
.
Select the authentication method (default in this example), and select the users that can use the
tunnel (
L2TP-test
in this example).
4.6.2 Configuring Policy Routing
You must also configure a policy route to let remote users access resources on the network behind
the ZyWALL.
• Set the policy route’s
Source Address
to the address object that you want to allow the remote
users to access (
LAN_1SUBNET
in this example).
• Set the
Destination Address
to the IP address pool that the ZyWALL assigns to the remote
users (
L2TP_POOL
in this example)).
• Set the next hop to be the VPN tunnel that you are using for L2TP VPN.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
