Difference between revisions of "FireBrick L2TP Server"

From AAISP Support Site
Jump to: navigation, search
[unchecked revision][unchecked revision]
(AAISP Config)
Line 2: Line 2:
   
 
=FireBrick Config=
 
=FireBrick Config=
  +
  +
On the WebUI, this is set under Tunnels, L2TP, Incoming L2TP connections.
   
 
<syntaxhighlight>
 
<syntaxhighlight>
 
<l2tp>
 
<l2tp>
<incoming name="MyL2TP" hostname="FireBrick" secret="myPassword" pppip="91.240.176.254" pppdns1="217.169.20.20" pppdns2="8.8.8.8" lcp-rate="25" lcp-timeout="240" tcp-mss-fix="true" radius="l2tp" log="ppp" log-debug="ppp">
+
<incoming name="MyL2TP" hostname="FireBrick" secret="myPassword" pppip="10.0.0.2" pppdns1="217.169.20.20" pppdns2="8.8.8.8" lcp-rate="25" lcp-timeout="240" tcp-mss-fix="true" radius="l2tp" log="ppp" log-debug="ppp">
 
<match name="MySIM" graph="MySIM" calling-station-id="89442xxxxxx" remote-ip="10.0.0.4" comment="Change IP to one on your LAN"/>
 
<match name="MySIM" graph="MySIM" calling-station-id="89442xxxxxx" remote-ip="10.0.0.4" comment="Change IP to one on your LAN"/>
 
</l2tp>
 
</l2tp>
  +
</syntaxhighlight>
  +
  +
Change the pppip to be the IP you're using, ie the address if the FireBrick.
  +
The LCP rates are changed to be less
  +
  +
You will also need firewall filters, eg to allow trraffic out of the SIM:
  +
<syntaxhighlight>
  +
<rule name="L2TPOut" source-interface="l2tp"/>
 
</syntaxhighlight>
 
</syntaxhighlight>
   
Line 13: Line 23:
 
AAISP will set up a 'line' on the control pages for your SIM, you can request Staff to set up:
 
AAISP will set up a 'line' on the control pages for your SIM, you can request Staff to set up:
 
*Target IP - IP (4 or 6) of your FireBrick
 
*Target IP - IP (4 or 6) of your FireBrick
  +
*Host - The Hostname as set in your 'incoming' config, ie FireBrick in this case
*Host -
 
  +
*secret - The secret as set in your incoming config, ie myPassword in this case

Revision as of 14:09, 17 May 2013

AAISP Data SIMS can be relayed on to your own L2TP Server, such as a FireBrick

FireBrick Config

On the WebUI, this is set under Tunnels, L2TP, Incoming L2TP connections.

<l2tp>
 <incoming name="MyL2TP" hostname="FireBrick" secret="myPassword" pppip="10.0.0.2" pppdns1="217.169.20.20" pppdns2="8.8.8.8" lcp-rate="25" lcp-timeout="240" tcp-mss-fix="true" radius="l2tp" log="ppp" log-debug="ppp">
 <match name="MySIM" graph="MySIM" calling-station-id="89442xxxxxx" remote-ip="10.0.0.4" comment="Change IP to one on your LAN"/>
</l2tp>

Change the pppip to be the IP you're using, ie the address if the FireBrick. The LCP rates are changed to be less

You will also need firewall filters, eg to allow trraffic out of the SIM:

      <rule name="L2TPOut" source-interface="l2tp"/>

AAISP Config

AAISP will set up a 'line' on the control pages for your SIM, you can request Staff to set up:

  • Target IP - IP (4 or 6) of your FireBrick
  • Host - The Hostname as set in your 'incoming' config, ie FireBrick in this case
  • secret - The secret as set in your incoming config, ie myPassword in this case