If you have added PPTP and L2TP user names and passwords and configured RADIUS support, when a PPTP
or L2TP user connects to a DFL-1000, their user name and password are checked against the DFL-1000 PPTP
or L2TP user name and password list. If a match is not found, the DFL-1000 contacts the RADIUS server for
authentication.
Adding RADIUS server addresses
You can install your RADIUS server on the Internet or on the DMZ or internal networks. No special DFL-
1000 configuration is required for RADIUS support for PPTP and L2TP other than what is described
below. If you want non-VPN users to be able to connect to a RADIUS server installed on your DMZ or
internal network, you must add firewall policies to grant access to the server from the Internet.
To configure the DFL-1000 for RADIUS authentication:
•
Go to
VPN > RADIUS
.
•
Enter the server name or IP address of your primary RADIUS server.
•
Enter the primary RADIUS server secret.
•
Optionally, enter the server name or IP address and secret for your secondary RADIUS server.
•
Click Apply.
Example RADIUS configuration:
Turning on RADIUS authentication for PPTP
To turn on RADIUS authentication for PPTP users:
•
Go to
VPN > PPTP > PPTP Range
.
•
Click to check Enable RADIUS.
•
Click Apply.
Turning on RADIUS authentication for L2TP
To turn on RADIUS authentication for L2TP users:
•
Go to
VPN > L2TP > L2TP Range
.
•
Click to check Enable RADIUS.
•
Click Apply.
DFL-1000 User’s Manual
67