FireBrick L2TP Server: Difference between revisions
If you are assigning IPs from your LAN to the SIM, then as the L2TP connection is on a different interface to your LAN -to enable routing from the LAN to your SIM you will need to set proxy-arp=true on the LAN interface.
==Separate (NAT) Subnet for the Dongle==
Rather than giving your SIM an IP on your LAN, you could give the SIM a private (RFC1918) IP, and no need to create a separate subnet interface. This will then be accessible only from your LAN, and the SIM will only have access to your LAN and not the WAN▼
Rather than giving your SIM an IP on your LAN, you could give the SIM a private (RFC1918) IP in the <match config, eg:
<match name="SIM" graph="SIM" calling-station-id="8944200000000000" remote-ip="192.168.99.99" comment="My SIM"/>
▲
To give the SIMs access to the Internet, you will need a Route Override configured to NAT the traffic from the L2TP to your internet interface (in this case PPPoE), eg:
<route-override name="L2TP NAT">
<rule name="NAT the SIM for Internet Accesss" source-interface="l2tp" target-interface="pppoe" set-nat="true"/>
</route-override>
=AAISP Config=
|