editor
698
edits
FireBrick L2TP Server: Difference between revisions
m
clean up, typos fixed: ie, → i.e., (4), etc, → etc.,, eg → e.g. (3)
mNo edit summary |
m (clean up, typos fixed: ie, → i.e., (4), etc, → etc.,, eg → e.g. (3)) |
||
|
The <match settings are to match individual SIMs when the conenct in, and thus giving them their own IP address etc.
*name - just a name,
*graph - make a graph for this SIM - will show usage etc., but latency can be ignored.
*calling-station-id - this is the ICCID of the SIM, as AAISP use this as the station id
*remote-ip - the IP address to give the SIM,
==Firewall==
You will also need firewall filters,
<syntaxhighlight>
<rule name="L2TPOut" source-interface="l2tp"/>
</syntaxhighlight>
This of course can be restricted, so you could give a SIM just access to your LAN and not your WAN -
==Routing from the LAN==
=AAISP Config=
[[File:Small-sim.jpg|frame|Data SIM
At the AAISP end, AAISP will set up a 'line' on the control pages for your SIM, you can request Staff to set this for [[L2TP]]:
*Target IP - IP (4 or 6) of your FireBrick
*Host - The Hostname as set in your 'incoming' config,
*secret - The secret as set in your incoming config,
On the Web interface, Status, [[L2TP]] will give the connection, if it's connected.
[[File:L2tp-sessions.png|border|SIM showing on L2TP sessions page
You can use the FireWall check to check if a SIM will have access to the internet.
=Separate (NAT) Subnet for the Dongle=
Rather than giving your SIM an IP on your LAN, you could give the SIM a private (RFC1918) IP in the <match config,
<syntaxhighlight>
<match name="SIM" graph="SIM" calling-station-id="8944200000000000" remote-ip="192.168.99.99" comment="My SIM"/>
| |||