7. Virtual Private Networking
Using IPSec, PPTP, or L2TP Connections
This chapter describes how to use the IP security (IPSec) virtual private networking (VPN)
features of the UTM to provide secure, encrypted communications between your local network
and a remote network or computer. This chapter contains the following sections:
• Use the IPSec VPN Wizard for Client and Gateway Configurations
• Test the Connection and View Connection and Status Information
• Manage IPSec VPN and IKE Policies
• Configure Extended Authentication (XAUTH)
• Assign IP Addresses to Remote Users (Mode Config)
• Configure Keep-Alives and Dead Peer Detection
• Configure NetBIOS Bridging with IPSec VPN
• Configure the PPTP Server
• Configure the L2TP Server
• For More IPSec VPN Information
Considerations for Dual WAN Port Systems (Multiple WAN Port Models Only)
On the multiple WAN port models only, if two WAN ports are configured, you can enable
either auto-rollover mode for increased system reliability or load balancing mode for optimum
bandwidth efficiency. Your WAN mode selection impacts how the VPN features need to be
configured.
Note: For the UTM9S and UTM25S only, you can also use a DSL interface
in combination with a WAN interface for VPN tunnel failover.
The use of fully qualified domain names (FQDNs) in VPN policies is mandatory when the
WAN ports function in auto-rollover mode or load balancing mode, and is also required for
VPN tunnel failover. When the WAN ports function in load balancing mode, you cannot
configure VPN tunnel failover. An FQDN is optional when the WAN ports function in load