L2TP VPN

Learning outcomes

  • How to configure VPN on devices

  • How to configure Checkpoint

  • How to create remote users

  • How to create L2TP connection

Diagram of the Network

Table of IP addresses

| Device Name | IP addresses |
|---|---|
| Checkpoint Firewall | 192.168.1.1 |
| PC (VPN Client) | 142.232.197.224 |
| VPN | 172.16.10.3/4 |

Introduction

In this project, we are configuring Check Point security with L2TP VPN. The purpose of this project is to learn how to enhance network security and enable remote access. This will allow us to create a secure layer 2 tunnel for remote users to access our network.

Check Point is a powerful solution for organizations seeking network security, and the addition of L2TP VPN allows remote access for employees or any other individual who may need secure and confidential access.

Step 1: Setting up Checkpoint Router

  1. In Authentication Details, put in your credentials such as Username: Admin and create your own password. Double check that your passwords are the same. Normally we would check Enforce password security, but for this instance we will not be selecting that.

  2. Configure Appliance Date and Time settings. Configure it for today's date, and your personal timezone.

  3. Name the Appliance Name: GW-8

  4. Select Local Management for the Security Policy Management

  5. Select DHCP

  6. Keep default Local Network settings

  7. For Administrator Access make sure VPN and LAN are selected

  8. Wait to Obtain Checkpoint License

  9. Keep all default Software Activations

  10. Take a screenshot showing the 2 green checkmarks and that DHCP is enabled.

Step 2: Remote Access Users

  1. Select VPN on the left column, and then expand Remote Access. Select Remote Access Users.

  2. Select Add and continue with requested information. Ensure Remote Access permissions is checked.

  3. Select Apply.

Step 3: L2TP Configuration

  1. From Menu, click VPN on the side panel > Under Remote Access, click Blade Control

  2. Under VPN Remote Access Users, make sure Windows VPN Client is checked

  3. Click on L2TP pre-shared key > Make a pre-shared key > Click Apply

Step 4: Connect to VPN on Windows Client

  1. Open Settings > VPN Settings > Add VPN

  2. Connection name: L2TP

  3. Server name or address: 142.232.197.58

  4. VPN Type: L2TP/IPsec with Pre-Shared Key

  5. Enter your Pre-shared key

  6. Leave username and password sign in blank

  7. Click connect

  8. Enter the user you created in Step 2.

  9. To find your VPN connection, press Windows + R and type “ncpa.cpl” in the Run dialog box.

  10. Look for the VPN you created and right click on it and select Properties.

  11. Under Security, ensure “Optional encryption” is selected under Data encryption.

  12. Check the Unencrypted password (PAP) box and click OK.

  13. Right click on the VPN you created and select Connect
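The Step 4 client settings can also be applied and checked from PowerShell. This is an added example, not part of the original lab: it uses the built-in Add-VpnConnection and Get-VpnConnection cmdlets, and $Psk is a placeholder for the key created in Step 3.

```powershell
# Added example: Step 4 applied from PowerShell, then read back and checked.
$Name   = 'L2TP'                          # connection name from Step 4
$Server = '142.232.197.58'                # server address from Step 4
$Psk    = '<pre-shared key from Step 3>'  # placeholder, replace before running

# Create the connection only if it is not already defined for this user.
if (-not (Get-VpnConnection -Name $Name -ErrorAction SilentlyContinue)) {
    Add-VpnConnection -Name $Name -ServerAddress $Server `
        -TunnelType L2tp -L2tpPsk $Psk `
        -AuthenticationMethod Pap -EncryptionLevel Optional -Force
}

# Read the stored settings back and compare them with what the lab expects.
$vpn = Get-VpnConnection -Name $Name
$expected = [ordered]@{
    ServerAddress        = $Server
    TunnelType           = 'L2tp'
    L2tpIPsecAuth        = 'Psk'
    EncryptionLevel      = 'Optional'
    AuthenticationMethod = 'Pap'
}
$report = foreach ($key in $expected.Keys) {
    $actual = $vpn.$key -join ','         # AuthenticationMethod is a list
    [pscustomobject]@{
        Setting  = $key
        Expected = $expected[$key]
        Actual   = $actual
        Match    = ($actual -eq $expected[$key])
    }
}
$report | Format-Table -AutoSize

# These two values match the Windows dialog options chosen in steps 11 and 12:
# PAP is the "Unencrypted password" method, and Optional allows the connection
# even if no encryption is negotiated. Flag them so they are not carried over
# unnoticed when the profile is reused outside the lab.
if ($vpn.AuthenticationMethod -contains 'Pap') {
    Write-Warning "$Name authenticates with PAP (unencrypted password)."
}
if ($vpn.EncryptionLevel -eq 'Optional') {
    Write-Warning "$Name does not require data encryption (Optional)."
}
```

If a connection named L2TP already exists with different settings, the script leaves it untouched and the Match column shows which values differ.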

Step 5: Verify Ping

Host Computer

L2TP VPN Users

Team: Blaire M, Brooke A, Jesse G, Hung H, Umika G, Daniel B
