Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick L2TP Server: Difference between revisions

If you are assigning IPs from your LAN to the SIM, then as the L2TP connection is on a different interface to your LAN -to enable routing from the LAN to your SIM you will need to set proxy-arp=true on the LAN interface.
 
==Separate (NAT) Subnet for the Dongle==
Rather than giving your SIM an IP on your LAN, you could give the SIM a private (RFC1918) IP, and no need to create a separate subnet interface. This will then be accessible only from your LAN, and the SIM will only have access to your LAN and not the WAN
Rather than giving your SIM an IP on your LAN, you could give the SIM a private (RFC1918) IP in the <match config, eg:
<match name="SIM" graph="SIM" calling-station-id="8944200000000000" remote-ip="192.168.99.99" comment="My SIM"/>
 
RatherHere thanthere giving your SIM an IP on your LAN, you could give the SIM a private (RFC1918) IP, andis no need to create a separate subnet interface on the FireBrick. This willSIM then be accessible only from your LAN and not your WAN, and the SIM will only have access to your LAN and not the WAN.
 
To give the SIMs access to the Internet, you will need a Route Override configured to NAT the traffic from the L2TP to your internet interface (in this case PPPoE), eg:
 
<route-override name="L2TP NAT">
<rule name="NAT the SIM for Internet Accesss" source-interface="l2tp" target-interface="pppoe" set-nat="true"/>
</route-override>
 
=AAISP Config=
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,264

edits