Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick L2TP Server: Difference between revisions

FireBrick L2TP Server (view source)

Revision as of 09:58, 21 May 2021

25 bytes removed ,  21 May 2021
m
no edit summary
(clean up)
mNo edit summary
==Firewall==
You will also need firewall filters, e.g. to allow traffic out of the SIM, in a rule-set add something to match the SIM.
<syntaxhighlight lang=xml>
<rule name="L2TPOut" source-interface="l2tp"/>
</syntaxhighlight>
=Separate (NAT) Subnet for the Dongle=
Rather than giving your SIM an IP on your LAN, you could give the SIM a private (RFC1918) IP in the <match config, e.g.:
<syntaxhighlight lang=xml>
<match name="SIM" graph="SIM" calling-station-id="8944200000000000" remote-ip="192.168.99.99" comment="My SIM"/>
</syntaxhighlight>
To give the SIMs access to the Internet, you will need a Route Override configured to NAT the traffic from the [[L2TP]] to your internet interface (in this case PPPoE), eg:
 
<syntaxhighlight lang=xml>
<route-override name="L2TP NAT">
<rule name="NAT the SIM for Internet Access" source-interface="[[L2TP|l2tp]]" target-interface="pppoe" set-nat="true"/>
AA-Andrew
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,264

edits

Retrieved from ‘http://support.aa.net.uk/Special:MobileDiff/15012