The WatchGuard L2TP Setup Wizard helps you activate and configure Mobile VPN with L2TP. The setup wizard is only available when Mobile VPN with L2TP has not been activated. Any Mobile VPN with L2TP settings not configurable in the wizard are set to their default values. When you activate Mobile VPN with L2TP, IPSec is enabled by default.
When you configure Mobile VPN with L2TP, you select an authentication server and add users and groups for authentication. Make sure that the authentication server you want to use for L2TP user authentication is configured before you enable Mobile VPN with L2TP. Also, make sure that any users and groups you want to use are added to the authentication server.
For more information about supported user authentication methods for L2TP, see About L2TP User Authentication
You cannot configure Mobile VPN with L2TP if the device configuration already has a branch office VPN gateway that uses main mode and has a remote gateway with a dynamic IP address.
If you select more than one authentication server, users who use the non-default authentication server must specify the authentication server or domain as part of the user name. For more information and examples, see Connect from an L2TP VPN Client .
If you use the Firebox-DB for authentication you must use the L2TP-Users group that is created by default. You can add the names of other groups and users that use Mobile VPN with L2TP. For each group or user you add, you can select the authentication server where the group exists, or select Any if that group exists on more than one authentication server. The group or user name you add must exist on the authentication server. The group and user names are case sensitive and must exactly match the name on your authentication server.
For more information about virtual IP address pools, see Virtual IP Addresses and Mobile VPNs.
Use Pre-Shared Key
Type or paste the shared key. You must use the same pre-shared key in the IPSec settings on the L2TP client.
Use IPSec Firebox Certificate
Select the certificate to use from the table. You must have already imported a certificate to the XTM device to use this option.
For more information, see Certificates for Mobile VPN with L2TP Tunnel Authentication.
When you activate Mobile VPN with L2TP, Policy Manager automatically creates two policies to allow the traffic. For more information, see About L2TP Policies.
Edit the Mobile VPN with L2TP Configuration