Operation Manual
Chapter 19 IPSec VPN
SBG3300-N Series User’s Guide
214
19.4.3 The Default_L2TP_VPN IPSec VPN Rule
A default IPSec VPN rule (Default_L2TP_VPN) is predefined. It can be edited but cannot be
removed. This rule is used for L2TP VPN exclusively and is disabled by default.
The following table lists the default settings for the Default_L2TP_VPN IPSec VPN.
Local/Remote IP
Address
If you select Single in the Local/Remote IP Type field, specify the IP addresses of
the devices behind the Device that can use the VPN tunnel. The local IP addresses must
correspond to the remote IPSec router's configured remote IP addresses.
Two active SAs cannot have the local and remote IP address(es) both the same. Two
active SAs can have the same local or remote IP address, but not both. You can
configure multiple SAs between the same local and remote IP addresses, as long as
only one is active at any time.
Local/Remote
Subnet Mask
If you select Subnet in the Local/Remote IP Type field, enter a subnet mask on the
LAN behind your Device.
Apply Click Apply to save your changes back to the Device.
Cancel Click Cancel to restore your previous settings.
Table 91 VPN > IPSec VPN > Setup > Edit (continued)
LABEL DESCRIPTION
Table 92 Default settings for Default_L2TP_VPN
GENERAL AUTHENTICATION
Enabled No Pre-Shared Key selected (text) 12345678
Nailed-up No Certificate none
NAT Traversal Yes Local ID Type IP
Application Scenario Remote Access Content 0.0.0.0
My Address Any Remote ID Type Any
PHASE 1 PHASE 2
Life time 86400 Life time 3600
Negotiation Mode Main Tunnel Mode ESP
Encryption /
Authentication
3DES / SHA1
3DES / MD5
AES256 / SHA1
Encryption DES
3DES
AES256
Authentication MD5
SHA1
Key Group DH2 Perfect Forward Secrecy
(PFS)
No
Dead Peer Detection
(DPD)
Yes Encapsulation Transport
XAUTH No