Difference between revisions of "FireBrick L2TP Server"

 
==Firewall==
You will also need firewall filters. For example, to allow traffic out of the SIM, add a rule to a rule-set that matches the SIM:
<syntaxhighlight lang=xml>
<rule name="L2TPOut" source-interface="l2tp"/>
</syntaxhighlight>
=Separate (NAT) Subnet for the Dongle=
Rather than giving your SIM an IP on your LAN, you could give the SIM a private (RFC1918) IP in the <match> config, e.g.:
<syntaxhighlight lang=xml>
<match name="SIM" graph="SIM" calling-station-id="8944200000000000" remote-ip="192.168.99.99" comment="My SIM"/>
</syntaxhighlight>
To give the SIMs access to the Internet, you will need a Route Override configured to NAT the traffic from the [[L2TP]] to your internet interface (in this case PPPoE), e.g.:
 
<syntaxhighlight lang=xml>
<route-override name="L2TP NAT">
 <rule name="NAT the SIM for Internet Access" source-interface="l2tp" target-interface="pppoe" set-nat="true"/>
</route-override>
</syntaxhighlight>
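A consistency check for the setup described above, as an added example that is not part of the original wiki page or of FireBrick's own tooling: it parses a config and flags any <match> entry with an RFC1918 remote-ip when no <route-override> rule NATs traffic arriving from l2tp. The <config> wrapper, the sample data and the function names are assumptions; the attributes checked are the ones shown on this page.

```python
import ipaddress
import xml.etree.ElementTree as ET

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """True only for a single IPv4 address inside an RFC1918 block."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:          # not a plain address: do not guess
        return False
    return ip.version == 4 and any(ip in net for net in RFC1918)

def l2tp_is_natted(root):
    """True if any route-override rule NATs traffic sourced from l2tp."""
    for override in root.iter("route-override"):
        for rule in override.iter("rule"):
            if (rule.get("source-interface") == "l2tp"
                    and rule.get("set-nat") == "true"):
                return True
    return False

def audit(xml_text):
    """Return one finding per privately addressed SIM that lacks NAT."""
    root = ET.fromstring(xml_text)
    natted = l2tp_is_natted(root)
    findings = []
    for match in root.iter("match"):
        ip = match.get("remote-ip")
        if ip and is_rfc1918(ip) and not natted:
            findings.append("%s: private remote-ip %s has no l2tp NAT route-override"
                            % (match.get("name", "?"), ip))
    return findings

# Constructed sample configs; the <config> wrapper is an assumption.
SIM = ('<match name="SIM" graph="SIM" calling-station-id="8944200000000000" '
       'remote-ip="192.168.99.99" comment="My SIM"/>')
NAT = ('<route-override name="L2TP NAT"><rule name="NAT the SIM for Internet Access" '
       'source-interface="l2tp" target-interface="pppoe" set-nat="true"/></route-override>')
WITH_NAT = "<config>" + SIM + NAT + "</config>"
WITHOUT_NAT = "<config>" + SIM + "</config>"

if __name__ == "__main__":
    for label, cfg in (("with NAT", WITH_NAT), ("without NAT", WITHOUT_NAT)):
        print(label, audit(cfg) or "ok")
```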
