215
edits
L2TP Overview: Difference between revisions
no edit summary
No edit summary |
|||
|
On special request you can have an L2TP login in to AAISP - pricing is based on the usage, and is currently priced the same as usage costs on AAISP 'Be' lines.
== FireBrick FB2500/2700 ==
The FireBrick can connect as an L2TP client for fallback and for its main connection. One thing to watch out for is making sure that the FB doesn't set its own gateway to be the tunnel (which would logically send tunnel packets up the tunnel, which is horrid). You can get around this by using separate routing tables.
This example is for L2TP being the main connection:
<interface name="WAN"
port="WAN1"
table="1"
comment="DHCP client">
<l2tp>
<outgoing name="AAISP"
ip="90.155.53.19"
graph="AAISP"
table="1"
payload-table="0"
username="example@a"
password="secret"
tcp-mss-fix="true"
comment="L2TP tunnel to AAISP"/>
</l2tp>
You can set to fall back to NAT if the tunnel is down. Traffic on routing table 0 won't have a default gateway if the L2TP is down, so will match this rule set that has target interface "nowhere":
<rule-set name="Fallback"
target-interface="nowhere"
no-match-action="continue"
comment="NAT fallback if can't establish L2TP">
<rule name="NAT"
set-nat="true"
set-table="1"
action="accept"/>
</rule-set>
Some Notes from customers:
| |||