This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick L2TP Server: Difference between revisions

=Separate (NAT) Subnet for the Dongle=
Rather than giving your SIM an IP on your LAN, you could give the SIM a private (RFC1918) IP in the <match> config, e.g.:
<syntaxhighlight>
<match name="SIM" graph="SIM" calling-station-id="8944200000000000" remote-ip="192.168.99.99" comment="My SIM"/>
</syntaxhighlight>
 
Here there is no need to create a separate subnet interface on the FireBrick. The SIM will then be accessible from your LAN but not from your WAN, and the SIM will only have access to your LAN and not the WAN.
To give the SIMs access to the Internet, you will need a Route Override configured to NAT the traffic from the L2TP to your internet interface (in this case PPPoE), e.g.:
 
<syntaxhighlight>
<route-override name="L2TP NAT">
  <rule name="NAT the SIM for Internet Access" source-interface="l2tp" target-interface="pppoe" set-nat="true"/>
</route-override>
</syntaxhighlight>
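
An added example, not part of the original page or of FireBrick's own tooling: a Python check over a saved copy of the config that reports, for each match entry with a remote-ip, whether the address is RFC1918 and whether a route-override rule NATs traffic arriving from the l2tp interface. The config wrapper element, the second SIM entry and the status strings are constructed for illustration; the attribute names are the ones shown above.

```python
import ipaddress
import xml.etree.ElementTree as ET

# RFC1918 ranges listed explicitly: ipaddress.is_private also covers
# documentation and other reserved ranges, which is broader than RFC1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: the <config> wrapper and the SIM2 entry are assumptions.
SAMPLE = """<config>
  <match name="SIM" graph="SIM" calling-station-id="8944200000000000" remote-ip="192.168.99.99" comment="My SIM"/>
  <match name="SIM2" calling-station-id="8944200000000001" remote-ip="203.0.113.10"/>
  <route-override name="L2TP NAT">
    <rule name="NAT the SIM for Internet Access" source-interface="l2tp" target-interface="pppoe" set-nat="true"/>
  </route-override>
</config>"""

def local(tag):
    """Drop any XML namespace prefix so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def audit(xml_text, l2tp_if="l2tp"):
    """Return {match name: status} for every <match> that sets remote-ip."""
    root = ET.fromstring(xml_text)
    # Target interfaces of rules that NAT traffic coming from the L2TP interface.
    nat_targets = [r.get("target-interface")
                   for ro in root.iter() if local(ro.tag) == "route-override"
                   for r in ro if local(r.tag) == "rule"
                   and r.get("source-interface") == l2tp_if
                   and r.get("set-nat") == "true"]
    report = {}
    for m in root.iter():
        if local(m.tag) != "match" or not m.get("remote-ip"):
            continue
        ip = ipaddress.ip_address(m.get("remote-ip"))
        if not any(ip in net for net in RFC1918):
            report[m.get("name")] = "not-rfc1918"
        elif nat_targets:
            report[m.get("name")] = "rfc1918-nat:" + ",".join(nat_targets)
        else:
            # Private address and no NAT rule: reachable from the LAN only.
            report[m.get("name")] = "rfc1918-lan-only"
    return report

if __name__ == "__main__":
    for name, status in audit(SAMPLE).items():
        print(name, status)
```
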