Cisco ISA500 Series Integrated Security Appliances Administration Guide
VPN
Configuring L2TP Server
Layer 2 Tunneling Protocol (L2TP) is a VPN tunneling protocol that allows remote
clients to use the public IP network to securely communicate with private
corporate network servers. L2TP uses PPP over UDP (port 1701) to tunnel the
data.
The L2TP protocol is based on the client-server model. The security appliance
can terminate L2TP-over-IPsec connections from incoming Microsoft Windows
clients.
STEP 1 Click VPN > L2TP Server.
STEP 2 Click On to enable L2TP server, or click Off to disable it.
STEP 3 If you enable L2TP server, enter the following information:
• Listen WAN Interface: Choose the WAN interface on which the L2TP server
listens to accept the incoming L2TP VPN connection.
• User Name: Enter the username that all L2TP clients use to access the L2TP
server.
• Password: Enter the password that all L2TP clients use to access the L2TP
server.
NOTE: All L2TP clients use the same username and password to log into the
L2TP server.
• MTU: Enter the MTU size in bytes that can be sent over the network. The
valid range is 128 to 1400 bytes. The default value is 1400 bytes.
• Authentication Method: Choose either CHAP (Challenge Handshake
Authentication Protocol) or PAP (Password Authentication Protocol), or both
to authenticate the L2TP clients. Click On to enable CHAP or PAP, or click Off
to disable it.
• Address Pool: The L2TP server assigns IP addresses to all L2TP clients.
Enter the starting IP address in the Start IP Address field and the ending IP
address in the End IP Address field.
• DNS1 IP Address: Enter the IP address of the primary DNS server.
• DNS2 IP Address: Optionally, enter the IP address of the secondary DNS
server.
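The Authentication Method setting above chooses between two PPP authentication exchanges. The following added example (not part of the Cisco guide) builds the PAP request defined in RFC 1334 and the CHAP challenge/response defined in RFC 1994 to show what each one puts into the PPP payload. The user name and password are constructed sample values.

```python
import hashlib
import hmac
import os
import struct

def pap_authenticate_request(ident, peer_id, password):
    """RFC 1334 PAP Authenticate-Request (code 1): peer ID and password are sent as-is."""
    data = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def chap_challenge(ident, name):
    """RFC 1994 CHAP Challenge (code 1) carrying a fresh random 16-byte value."""
    value = os.urandom(16)
    data = bytes([len(value)]) + value + name
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data, value

def chap_response(ident, secret, challenge, name):
    """RFC 1994 CHAP Response (code 2): value = MD5(identifier || secret || challenge)."""
    digest = hashlib.md5(bytes([ident]) + secret + challenge).digest()
    data = bytes([len(digest)]) + digest + name
    return struct.pack("!BBH", 2, ident, 4 + len(data)) + data

def chap_verify(packet, secret, challenge):
    """Server side: recompute the digest from the stored secret and compare."""
    if len(packet) < 5:
        return False
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != 2 or length != len(packet):
        return False
    received = packet[5:5 + packet[4]]
    expected = hashlib.md5(bytes([ident]) + secret + challenge).digest()
    return hmac.compare_digest(received, expected)

if __name__ == "__main__":
    # Constructed sample credentials, standing in for the shared L2TP user.
    user, password = b"l2tp-user", b"constructed-example-password"
    pap = pap_authenticate_request(1, user, password)
    print("password readable in PAP request: ", password in pap)
    _, value = chap_challenge(2, b"l2tp-server")
    resp = chap_response(2, password, value, user)
    print("password readable in CHAP response:", password in resp)
    print("server accepts CHAP response:      ", chap_verify(resp, password, value))
```

With PAP the password itself is in the request, so anything that can read the PPP payload can read it; with CHAP only a digest bound to a one-time challenge is sent.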