You are on page 1of 12

How To Configure L2TP between Cyberoam

and Windows 7
How To Configure L2TP VPN between Cyberoam and Windows 7

Applicable Version: 10.00 onwards

Scenario
Configure and establish an L2TP connection between Cyberoam and a Windows 7 VPN Client.

This article consists of Two (2) parts:

- Cyberoam Configuration
- Windows 7 Configuration

Cyberoam Configuration
You must be logged on to the Web Admin Console as an administrator with Read-Write permission
for relevant feature(s).

Step 1: Configure L2TP


Go to VPN > L2TP > Configuration and click Enable L2TP. Specify the parameters as given below.

Parameters Value Description

172.16.16.211 - Specify IP Address range if L2TP server has to


Assign IP from
172.16.16.225 lease IP Addresses.
Select Primary DNS Server from the list.
<As
Primary DNS Server configured in
Alternately, you can also specify DNS Server by
Network>
choosing Other from the list.
Specify Secondary DNS server.
<As
Secondary DNS Server configured in
Alternately, you can also specify DNS Server by
Network>
choosing Other from the list.

Click Apply to save changes.


How To Configure L2TP VPN between Cyberoam and Windows 7

Step 2: Add L2TP Members


Click Add Member(s) to add the users who would connect to Cyberoam using L2TP.

Select the L2TP members. Here, as an example, we have selected john.smith as the L2TP member.

Click Apply to save changes.

Step 3: Create L2TP Connection


Go to VPN > L2TP > Connection and click Add to add an L2TP connection as per parameters
below.

Parameters Value Description

Name Head_Branch Enter a unique name to identify L2TP Connection.


Select policy to be applied to the L2TP
Policy DefaultL2TP
connection.
How To Configure L2TP VPN between Cyberoam and Windows 7

Select an action to be taken on the connection


when VPN services or Appliance restarts.

Available Options:
Action on VPN Restart Respond Only
Respond Only Keeps connection disabled till
the user responds.
Disable Keeps connection disabled till the user
activates.
Select Authentication Type

Preshared Key authentication is a mechanism


whereby a single key is used for encryption and
Authentication Type Preshared Key decryption. Both the peers should have the
Preshared Key.

After selecting this option, mention the Key to be


used.
Local WAN Port <Select WAN Port) Select Local WAN Port.
Specify IP Address or host name of of remote
Remote Host *
end-point. Specify * for any IP Address.
Enable NAT traversal if a NAT device is located
Allow NAT Traversal Enabled between your VPN endpoints when remote peer
has private/non-routable IP Address.
Select IP Addresses and netmask of remote
Remote LAN Network Any IP Host network which is allowed to connect to the
appliance server through VPN tunnel.
Specify the Local Port number that the local VPN
peer uses to transport traffic related to TCP or
UDP protocol.
Local Port 1701
Specify * for any port.

Default - 1701
Specify the Remote Port number that the remote
VPN peer uses to transport traffic related to TCP
Remote Port * or UDP protocol.

Specify * for any port.


How To Configure L2TP VPN between Cyberoam and Windows 7

Click OK to save the connection.

Step 4: Activate Connection


Click the red icon under 'Active' column to activate the connection.
How To Configure L2TP VPN between Cyberoam and Windows 7

Windows 7 Configuration
Follow the steps below to configure the user machine to connect to Cyberoam using L2TP.

Step 1: Change the default Authentication Mechanism to Preshared Key


Go to Start Menu > Control Panel > Administrative Tools and double-click Windows Firewall with
Advanced Security. Select Properties to display the Windows Firewall with Advanced Security on
Local Computer window.

Switch to IPSec Settings tab and under IPSec Defaults, click Customize to display the Customize
IPSec Settings window.
How To Configure L2TP VPN between Cyberoam and Windows 7

Under Authentication Method, select Advanced and click Customize to display the Customize
Advanced Authentication Methods window.

Select the current First Authentication Method, in this case Computer (Kerberos V5) and click
Remove.
How To Configure L2TP VPN between Cyberoam and Windows 7

Click Add to add another First Authentication Method.

In the Add First Authentication Method screen, select Preshared Key and specify the Preshared Key
configured in Cyberoam (Cyberoam Configuration step 3).
How To Configure L2TP VPN between Cyberoam and Windows 7

Click OK in all the cascading windows.

Note:

Make sure that IPSec Policy Agent and IKE and AuthIP IPSec Keying Modules in the machine are
running without error.

Step 2: Create the L2TP Connection in User Machine


Go to Start > Control Panel > Network and Sharing Center and click Setup a new connection or
network. Follow further steps as per screens shown below.
How To Configure L2TP VPN between Cyberoam and Windows 7
How To Configure L2TP VPN between Cyberoam and Windows 7
How To Configure L2TP VPN between Cyberoam and Windows 7

Step 3: Configure Authentication Mechanism of the L2TP Connection


After Connection is established, click the Network symbol on the System Tray and right-click the
connection created in step 2. Click Properties to open the Properties window.

Switch to Security tab and click Advanced Settings under Types of VPN

In the L2TP tab, select Use preshared key for authentication and specify the key configured in
Cyberoam.
How To Configure L2TP VPN between Cyberoam and Windows 7

Click OK to save settings.

The above configuration establishes an L2TP connection between Cyberoam and a Windows 7
machine.

Document Version: 2.0 3 March, 2015