IPsec and Router Interfaces, L2TPD, IPsec VPN Configuration – RuggedCom RuggedRouter RX1100 User Manual

Page 147: VPN Main Menu Before Key Generation, IPsec VPN Configuration Menu Before Key Generation


16. Configuring IPsec VPN

Revision 1.14.3

147

RX1000/RX1100™

connection can be used without change at either end. One side of the connection (typically the local
side) is designated the “left” side and the other is designated the “right” side.

A convenient method is to configure both ends simultaneously with two browser windows open, cutting
and pasting the relevant information from window to window.

This module also includes tools to export and import the connection data. The configuration can thus
be generated at one router, exported, and imported at the remote router.

16.1.1.9. IPsec and Router Interfaces

The IPsec daemon requires router interfaces to exist before it starts. If none of the interfaces needed
by IPsec exist, IPsec will check for them every minute until at least one does.

Note that in the unlikely event that IPsec uses multiple network interfaces, stopping any one of those
interfaces will cause all tunnels to stop.

IPsec may have to be manually restarted after configuring network interfaces when multiple tunnels
exist.

16.1.1.10. L2TPD

L2TP stands for “Layer Two Tunneling Protocol”. The main purpose of this protocol is to tunnel PPP
packets through an IP network, although it is also able to tunnel other layer 2 protocols.

On RuggedRouter, L2TPD is used in conjunction with Openswan and PPP to provide support for
establishing a secure, private connection with the router using the Microsoft Windows VPN/L2TP
client.

Note

L2TPD listens on UDP port 1701. The firewall must be configured to allow connections to
L2TPD via IPsec but to prevent connections to L2TPD directly without using IPsec.
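
A check for the firewall requirement in the note above, as an added example that is not from the RuggedCom manual: it audits an `iptables-save` style ruleset for UDP port 1701. It assumes a Linux firewall that uses the iptables `policy` match to recognise IPsec-protected traffic; the sample rulesets are constructed and are not the router's own firewall configuration.

```python
import shlex

L2TP_PORT = "1701"  # UDP port L2TPD listens on, per the note above

def audit_l2tp_rules(ruleset):
    """Return (ipsec_verdict, clear_verdict) for UDP/1701 in the INPUT chain.
    Only INPUT rules naming --dport 1701 and the chain's default policy are
    evaluated; the first terminal rule that applies wins, as in iptables."""
    default = "ACCEPT"
    verdict = {"ipsec": None, "clear": None}
    for line in ruleset.splitlines():
        tok = shlex.split(line)
        if not tok:
            continue
        if tok[0] == ":INPUT":              # e.g. ":INPUT DROP [0:0]"
            default = tok[1]
            continue
        if tok[:2] != ["-A", "INPUT"]:
            continue
        opt = {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}
        if opt.get("-p") != "udp" or opt.get("--dport") != L2TP_PORT:
            continue
        target = opt.get("-j")
        if target not in ("ACCEPT", "DROP", "REJECT"):
            continue
        pol = opt.get("--pol")              # "ipsec", "none", or None (no policy match)
        for kind, wanted in (("ipsec", "ipsec"), ("clear", "none")):
            if pol in (None, wanted) and verdict[kind] is None:
                verdict[kind] = target
    return tuple(verdict[k] or default for k in ("ipsec", "clear"))

def compliant(ruleset):
    """True when L2TP is reachable inside IPsec and not reachable directly."""
    ipsec, clear = audit_l2tp_rules(ruleset)
    return ipsec == "ACCEPT" and clear != "ACCEPT"

# Constructed sample: port 1701 opened without regard to IPsec (weak).
WEAK = """*filter
:INPUT DROP [0:0]
-A INPUT -p udp -m udp --dport 1701 -j ACCEPT
COMMIT"""

# Constructed sample: 1701 accepted only for IPsec-protected packets.
HARDENED = """*filter
:INPUT DROP [0:0]
-A INPUT -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p esp -j ACCEPT
-A INPUT -p udp -m udp --dport 1701 -m policy --dir in --pol ipsec -j ACCEPT
-A INPUT -p udp -m udp --dport 1701 -j DROP
COMMIT"""
```

Rules that do not name port 1701 (for example a blanket UDP accept) are outside what this check evaluates and need separate review.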

16.2. IPsec VPN Configuration

16.2.1. VPN Main Menu Before Key Generation

Figure 16.1. IPsec VPN Configuration Menu Before Key Generation
