TMS zl Management and Configuration Guide ST.1.2.100916
7-180
Virtual Private Networks
Configure an L2TP over IPsec VPN
The exact steps for configuring these policies are given below:
1. In the left navigation bar of the Web browser interface, select Firewall >
Access Policies. The Unicast tab should be selected.
2. Click Add a Policy. The Add Policy window is displayed.
3. Allow IKE messages from the remote endpoints.
a. For Action, leave the default Permit Traffic.
b. For From, select the remote zone.
c. For To, select SELF.
d. For Service, select isakmp.
e. For Source, accept the default, Any Address.
Allowing any IP address is the easiest way to set up the VPN. However,
if you know the public addresses of all of your remote endpoints and
have created a named object with those addresses, specify that object
here.
f. For Destination, leave Any Address or specify the IP address for the
local VPN gateway.
You can specify the address manually or use a previously configured
address object.
When
NAT-T is
used
None Remote SELF NAT-T
(ipsec-
nat-t-udp)
3 or Any
1—
1
When
NAT-T is
used
None SELF Remote NAT-T
(ipsec-
nat-t-udp)
13 or Any
—
1
When
Required
User Group From Zone To Zone Service Source Destination TCP
MSS
Number of
policies