L2TP_Handover|30px|Back up to the L2TP Handover page]]</indicator>
*A 'Fully Loaded' FireBrick is required for [[L2TP]] features
*AAISP Data SIMS can be relayed on to your own [[L2TP]] Server, such as a FireBrick. This will enable a remote SIM to be connected directly to your LAN and have an IP on your LAN, very similar to a VPN.
*The Computer (or device) with the SIM will not need any special config or software installed.
At the moment the [[L2TP ]] tunnel is not encrypted, but this will change shortly.
*Basic setups can be done in the FireBrick config without the need to run your own RADIUS server - for each SIM connecting in you'll need a single <match .../> config.
*The FireBrick allocates IPs statically within the config and can't use DHCP - for more advanced and more flexible configurations you'd run your own RADIUS server.
On the WebUI, this is set under Tunnels, [[L2TP]], Incoming [[L2TP]] connections, and basic XML example is as below:
The settings explained are:
*lpc-rate/timeout - used for graphs - we don't need to poll as often as the actual LCPs are not answered by the SIM, but by the mobile network. Basically latency on the graphs for SIMs should be ignored.
The match settings are to match individual SIMs when the connect in, and thus giving them their own IP address etc.▼
▲The match settings are to match individual SIMs when the connect in, and thus giving them their own IP address etc.
*name - just a name, e.g. the name of the person using this SIM
*graph - make a graph for this SIM - will show usage etc., but latency can be ignored.
This of course can be restricted, so you could give a SIM just access to your LAN and not your WAN - i.e. to block internet access whilst allowing them to access your own internal servers.
==Routing from the LAN==
If you are assigning IPs from your LAN to the SIM, then as the [[L2TP]] connection is on a different interface to your LAN -to enable routing from the LAN to your SIM you will need to set proxy-arp=true on the LAN interface.