[ATP/FLEX] How to Set Up L2TP over IPSec VPN with Cloud Authentication on Nebula?

Zyxel_James
Zyxel_James Posts: 663  Zyxel Employee
Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers
edited June 2023 in VPN

Nebula Control Center provides a VPN solution that allows L2TP VPN users to connect through Cloud Authentication. This guide will assist in the configuration of Nebula L2TP VPN with Cloud Authentication.


Configure Steps

1. Configure VPN accounts for Cloud Authentication


Navigate to Configure > Cloud Authentication, click +Add to create user profiles.

2. Configure the user profile

Input user’s Email, username, password, and tick VPN Access.


3.  L2TP over IPsec Remote VPN configuration

- Navigate to Configure > Firewall > Remote Access VPN, input the secret, and select Nebula Cloud Authentication as the Authentication method.

- Input VPN users' Email addresses and click Send Email. The configuration script will be sent to the provided addresses.



4. Receive Email with VPN provisioning script

Once the Email is sent, users will receive an Email from info@nebula.zyxel.com with Windows and masOS VPN provisioning scripts.


5. Install VPN configuration script and connect to L2TP VPN

- The .batfile file is for Windows, and the .mobileconfig file is for macOS. Due to security restrictions, the .batfile file needs to be renamed to .bat before execution.

- Double-click on the .bat file to create a VPN connection on Windows VPN settings

- Click Connect and input the credentials.


Test the Result


Navigate to Monitor > Firewall > VPN connection > Client to site VPN login account, you will see the IP address you get from Client VPN subnet


Open cmd.exe and input “ipconfig”, you will see your client VPN IP address, and ping local network device successfully