Firebrick using L2TP over dongle

From AAISP Support Site
Revision as of 23:58, 17 August 2018 by Reedy (talk | contribs) (→‎Overview: clean up)


Overview

Some customers prefer to use a dongle as their main connection in areas where ADSL speeds are particularly poor. People may find that CGNAT or other limiting factors within the cellular network break certain services such as SIP. We can get around this using L2TP.

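The config below is a small modification of the config generated by the FireBrick itself. The idea is to set the payload-table for L2TP to table 1 and then put the LAN interface on this table, so that LAN traffic is routed through the tunnel while the USB (dongle) interface is left on its own table.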

   <port name="LAN" ports="1 2 3 4"/>
   <port name="USB" ports="" dongle="Dongle"/>
   <interface name="LAN" port="LAN" table="1" comment="Default LAN interface">
      <subnet name="Default IPs" ip="10.0.0.1/24" nat="true" comment="Temporary IPs for setup only, delete when finished configuring"/>
      <dhcp name="Auto allocated IPs" ip="10.0.0.2-199" comment="Allocates IP addresses automatically"/>
   </interface>
   <interface name="USB" port="USB" comment="Default USB interface">
      <subnet name="DHCP client"/>
   </interface>
   <usb>
      <dongle name="Dongle" comment="Default USB config, does not usually require any more settings"/>
   </usb>
   <l2tp accounting-interval="1:00:00">
      <outgoing name="AAISP" hostname="AAISP" ip="90.155.53.19" graph="Tunnel" payload-table="1" username="xxx@a.x" password="xxxxxxxx" tcp-mss-fix="true" comment="To AAISP"/>
   </l2tp>
   <ipsec-ike/>
   <rule-set name="Firewall: LAN" target-interface="LAN" no-match-action="reject" comment="Default firewall rule for traffic to LAN">
      <rule name="Allow Firebrick" source-interface="self" comment="Allow all from the FireBrick to LAN"/>
   </rule-set>
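
Because the tunnel takes the LAN out from behind the carrier's CGNAT, the table wiring and the LAN firewall rule-set are worth checking together before the config is loaded. The script below is an added example, not part of the original page or of FireBrick's tooling. It assumes that an interface without a `table` attribute is on table 0 and that `drop` is a denying `no-match-action` alongside the `reject` shown above; `check_config` is a hypothetical name.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed copy of the fragment above, wrapped in a root
# element so that it parses. Credentials are the page's placeholders.
SAMPLE = """<config>
  <port name="LAN" ports="1 2 3 4"/>
  <port name="USB" ports="" dongle="Dongle"/>
  <interface name="LAN" port="LAN" table="1"/>
  <interface name="USB" port="USB"/>
  <l2tp>
    <outgoing name="AAISP" payload-table="1" username="xxx@a.x" password="xxxxxxxx"/>
  </l2tp>
  <rule-set name="Firewall: LAN" target-interface="LAN" no-match-action="reject"/>
</config>"""

DEFAULT_TABLE = "0"        # assumption: no table attribute means table 0
DENY = {"reject", "drop"}  # "reject" is from the page; "drop" is assumed


def check_config(xml_text):
    """Return a list of problems in the table, tunnel and firewall wiring."""
    root = ET.fromstring(xml_text)
    problems = []
    # Ports backed by a dongle, and the interfaces that sit on those ports.
    dongle_ports = {p.get("name") for p in root.iter("port") if p.get("dongle")}
    tables = {i.get("name"): i.get("table", DEFAULT_TABLE)
              for i in root.iter("interface")}
    carrier = {i.get("name") for i in root.iter("interface")
               if i.get("port") in dongle_ports}
    tunnels = list(root.iter("outgoing"))
    if not tunnels:
        problems.append("no <l2tp><outgoing> tunnel defined")
    for t in tunnels:
        payload = t.get("payload-table", DEFAULT_TABLE)
        # Interfaces whose traffic is routed through this tunnel.
        users = {n for n, tb in tables.items() if tb == payload} - carrier
        if not users:
            problems.append(f"{t.get('name')}: no interface on payload table {payload}")
        for n in sorted(carrier):
            if tables[n] == payload:
                problems.append(f"{n}: dongle interface is on payload table {payload}")
        for n in sorted(users):
            # The tunnelled LAN needs a rule-set that denies unmatched traffic.
            guarded = any(rs.get("target-interface") == n
                          and rs.get("no-match-action") in DENY
                          for rs in root.iter("rule-set"))
            if not guarded:
                problems.append(f"{n}: no rule-set rejects unmatched traffic")
    return problems


if __name__ == "__main__":
    print(check_config(SAMPLE) or "OK")
```
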