This article explains how to set up an L2TP tunnel using Nebula CC [USG FLEX/ATP Series]: how to configure the VPN users, NCC and your clients, and how to test the result.
Introduction
In Figure 1, multiple clients want to access a server that is behind the firewall. To do that, the clients establish an L2TP over IPSec VPN tunnel to the firewall.
Figure 1 L2TP over IPSec VPN
1) Configure L2TP on Nebula Cloud Center
1.1 Enable and Configure Remote VPN
Go to Site-wide > Configure > Firewall > Remote access VPN and configure the parameters.
Client VPN server: L2TP over IPSec client
Client VPN subnet: 192.168.100.0/24
DNS name servers: Use "Specify nameserver..." and select Google DNS and/or the LAN gateway address of the primary LAN subnet of the firewall
WINS: No WINS servers
Secret: <Pre-shared key>
Authentication: Nebula Cloud Authentication
Click "Custom" and make sure that "Default" is selected here so that, for example, a Windows PC works.
1.2 Configure Cloud Authentication Users
Go to Site-wide > Configure > Cloud authentication, select Account type "VPN User" and create (add) a user.
Add the email address and username, select a password, and allow the user to log in to the VPN via "VPN Access". Don't forget to authorize the user to the organization or the site. I prefer to be able to log in via the username or the email.
Note: If you only want this account to access a specific site via L2TP, you may select Specified sites in the Authorized section.
- Click Save and make sure the firewall's configuration status is up to date.
2) Client Configuration
Take a look at this article:
VPN - Configure L2TP Client Configuration using Android, iOS, Windows & Linux Ubuntu