Nebula [VPN] - Configure L2TP for your Nebula Firewall

This article will explain how to set up your L2TP tunnel using Nebula CC [USG FLEX/ATP Series]. How to configure the VPN users, NCC and your clients as well as testing your result.

 

Introduction 

Figure 1 L2TP over IPSec VPN

 

In Figure1, there are multiple clients that want to access the server that is behind Firewall. To do that, the clients establish the L2TP over IPSec VPN tunnel to Firewall.


Figure 1 L2TP over IPSec VPN

All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks. This example was tested Nebula gateway, switch, APs with the last firmware version on Nebula Center Control (NCC).

1) Configure L2TP on Nebula Cloud Center

 

1.1 Enable and Configure Remote VPN

 

Go to

Site-wide > Configure > Firewall > Remote access VPN

and configure the parameters.

Client VPN server: L2TP over IPSec client

Client VPN subnet: 192.168.100.0/24

DNS name servers: Use "Specify nameserver..." and select Google DNS and/or the LAN gateway address of the primary LAN subnet of the firewall

WINS: No WINS servers

Secret: <Pre-shared key>

Authentication: Nebula Cloud Authentication


Click "Custom" and make sure that you have "Default" selected here to get for example Windows PC to work.



Then click save.

1.2 Configure Cloud Authentication Users

Go to

Site-wide > Configure > Cloud authentication 

select Account type “VPN User” and create(add) user.

Add the email address, username, select a password and allow the user to login to the VPN via "VPN Access". Don't forget to authorize the user to the organization or the site and I prefer to be able to login via the username or the email.
Note: If you only want this account to access a specific site via L2TP, you may select Specified sites in the Authorized section.

  1. Click Save and make sure firewall's configuration status is up to date.

2) Client Configuration

Take a look at this article: 

VPN - Configure L2TP Client Configuration using Android, iOS, Windows & Linux Ubuntu

 

Articles in this section

Was this article helpful?
0 out of 0 found this helpful
Share

Comments

0 comments

Please sign in to leave a comment.