Help with routing over an L2TP VPN



  • I have an L2TP VPN tunnel named “TestL2TP”.

    When I connect as user ANovikov, the L2TP tunnel comes up (I receive IP address 192.168.20.5) and I can ping 192.168.20.1, but I can’t reach (can’t ping) any other workstation on this LAN.
    What’s wrong? Please help!

    Config here:

    set user “ALebedev” "enable"
    set user “ANovikov” uid 1
    set user “ANovikov” type  l2tp
    set user “ANovikov” remote ippool "TestPool"
    set user “ANovikov” remote ipaddr "192.168.20.5"
    set user “ANovikov” remote dns1 "X.X.1.1"
    set user “ANovikov” remote dns2 "X.X.2.3"
    set user “ANovikov” password "xxxxxxxx"
    unset user “ANovikov” type auth
    set user “ANovikov” "enable"
    set ike respond-bad-spi 1
    set l2tp default dns1 X.X.1.1
    set l2tp default dns2 X.X.2.3
    set l2tp default ippool "TestPool"
    set l2tp “TestL2TP” id 1 outgoing-interface ethernet3 keepalive 60
    set l2tp “TestL2TP” remote-setting ippool "TestPool"
    set l2tp “TestL2TP” auth server “Local” user "ANovikov"
    set l2tp “L2TP-for-Internal” id 2 outgoing-interface ethernet3 keepalive 60
    set l2tp “L2TP-for-Internal” remote-setting ippool “Poolinternal” dns1 10.33.30.248
    set l2tp “L2TP-for-Internal” auth server “Local” user "ALebedev"
    set policy id 11 from “DMZ” to “Untrust”  “Any” “192.168.20.5/32” “ANY” permit log count
    set policy id 10 from “V1-Untrust” to “V1-DMZ”  “Any” “Any” “ANY” permit log count
    set policy id 9 from “DMZ” to “Untrust”  “Any” “192.168.20.6/24” “ANY” permit log count
    set policy id 8 from “DMZ” to “Untrust”  “192.168.20.4/32” “Any” “ANY” permit log count
    set policy id 1 from “Trust” to “Untrust”  “Any” “Any” “ANY” permit log
    set policy id 2 from “Untrust” to “Trust”  “Any” “Any” “ANY” permit log
    set policy id 3 from “Untrust” to “DMZ”  “Any” “Any” “ANY” tunnel l2tp “TestL2TP” log
    set policy id 4 from “Trust” to “DMZ”  “Any” “Any” “ANY” permit log
    set policy id 5 from “DMZ” to “Trust”  “Any” “Any” “ANY” permit log
    set policy id 7 from “Trust” to “DMZ”  “Any” “Any” “ANY” permit log
    set policy id 12 from “DMZ” to “Untrust”  “Any” “Any” “ANY” tunnel l2tp “TestL2TP” log
    set policy id 16 from “Untrust” to “DMZ”  “Any” “MIP(X.X.X.2)” “ANY” permit
    set dns host dns1 X.X.1.1
    set dns host dns2 X.X.2.3
    set pki authority default scep mode "auto"
    set pki x509 default cert-path partial
    set ssh version v2
    set config lock timeout 5
    set snmp port listen 161
    set snmp port trap 162
    set vrouter "untrust-vr"
    exit
    set vrouter "trust-vr"
    unset add-default-route
    set route  X.X.X.2/29 interface ethernet1 gateway X.X.X.3
    set route  0.0.0.0/0 interface ethernet2 gateway X.X.X.1
    set route  0.0.0.0/0 interface ethernet1 gateway 192.168.20.1
    set route  10.33.31.0/24 interface ethernet1 gateway 10.33.30.250
    set route  10.33.32.0/24 interface ethernet1 gateway 10.33.30.250
    set route  192.168.2.0/24 interface ethernet1 gateway 10.33.30.250
    set route  192.168.6.0/24 interface ethernet1 gateway 10.33.30.250
    set route  192.168.10.0/24 interface ethernet1 gateway 10.33.30.250
    set route  192.168.20.0/24 interface tunnel.1
    exit


 
