-
-
Save nicwise/c33a3cf5c4ae990d5d059c91da0436cf to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set vpn l2tp remote-access authentication mode local | |
| set vpn l2tp remote-access authentication local-users username <username> password <password> | |
| set vpn l2tp remote-access client-ip-pool start 10.0.3.10 | |
| set vpn l2tp remote-access client-ip-pool stop 10.0.3.20 | |
| set vpn l2tp remote-access dns-servers server-1 10.0.0.1 | |
| set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret | |
| set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret <secret> | |
| set vpn l2tp remote-access ipsec-settings ike-lifetime 3600 | |
| set vpn l2tp remote-access outside-address 0.0.0.0 | |
| set firewall name WAN_LOCAL rule 50 description “Allow IKE” | |
| set firewall name WAN_LOCAL rule 50 action accept | |
| set firewall name WAN_LOCAL rule 50 destination port 5000 | |
| set firewall name WAN_LOCAL rule 50 protocol udp | |
| set firewall name WAN_LOCAL rule 51 description “Allow L2TP” | |
| set firewall name WAN_LOCAL rule 51 action accept | |
| set firewall name WAN_LOCAL rule 51 destination port 1701 | |
| set firewall name WAN_LOCAL rule 51 protocol udp | |
| set firewall name WAN_LOCAL rule 52 description “Allow ESP” | |
| set firewall name WAN_LOCAL rule 52 action accept | |
| set firewall name WAN_LOCAL rule 52 protocol 50 | |
| set firewall name WAN_LOCAL rule 53 description “Allow NAT-T” | |
| set firewall name WAN_LOCAL rule 53 action accept | |
| set firewall name WAN_LOCAL rule 53 destination port 4500 | |
| set firewall name WAN_LOCAL rule 53 protocol udp |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment