## CentreCOM AR560S 設定例集 2.9 ## 106 L2TPによるリモートアクセス型LAN間接続(ファイアウォールあり) ## ルーターB(LNS)のコンフィグ ENABLE L2TP ENABLE L2TP SERVER=BOTH SET L2TP PASSWORD=L2TPB CREATE PPP TEMPLATE=1 MULTI=OFF BAP=OFF IPPOOL=POOL AUTHENTICATION=EITHER CREATE IP POOL=POOL IP=192.168.20.100-192.168.20.120 ADD L2TP IP=0.0.0.0-255.255.255.255 PPPTEMPLATE=1 ADD USER=AAA PASSWORD=PasswordA LOGIN=NO CREATE PPP=0 OVER=eth0-ANY IPREQUEST=ON SET PPP=0 OVER=eth0-ANY USER=user@ispB PASSWORD=isppasswdB LQR=OFF BAP=OFF ECHO=ON ENABLE IP ENA IP REMOTE ADD IP INT=vlan1-0 IP=200.100.10.1 MASK=255.255.255.240 ADD IP INT=vlan1-1 IP=192.168.20.1 MASK=255.255.255.0 ADD IP INT=ppp0 IP=0.0.0.0 ADD IP ROUTE=0.0.0.0 INT=ppp0 NEXT=0.0.0.0 ENABLE FIREWALL CREATE FIREWALL POLICY=NET ENABLE FIREWALL POLICY=NET ICMP_F=PING,UNREACH DISABLE FIREWALL POLICY=NET IDENTPROXY CREATE FIREWALL POLICY=NET DYNAMIC=L2TPINT ADD FIREWALL POLICY=NET DYNAMIC=L2TPINT USER=ANY ADD FIREWALL POLICY=NET INT=vlan1-0 TYPE=PRIVATE ADD FIREWALL POLICY=NET INT=vlan1-1 TYPE=PRIVATE ADD FIREWALL POLICY=NET INT=ppp0 TYPE=PUBLIC ADD FIREWALL POLICY=NET INT=DYN-L2TPINT TYPE=PRIVATE ADD FIREWALL POLICY=NET NAT=ENHANCED INT=vlan1-1 GBLINT=ppp0 GBLIP=200.100.10.1 ADD FIREWALL POLICY=NET RULE=1 AC=ALLOW INT=ppp0 PROT=UDP PORT=1701 IP=200.100.10.1 GBLIP=200.100.10.1