[ATP/FLEX] How to Set Up L2TP over IPSec VPN with Cloud Authentication on Nebula?

Zyxel_James
Zyxel_James Posts: 346
Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 25 Answers
 Zyxel Employee
edited June 2022 in VPN

Nebula Control Center provides a VPN solution that allows L2TP VPN users to connect through Cloud Authentication. This guide will assist in the configuration of Nebula L2TP VPN with Cloud Authentication.


Configure Steps

1. Configure VPN accounts for Cloud Authentication


Navigate to Site-wide > Configure > Cloud Authentication, click +Add to create user profiles.

2. Configure the user profile

Input user’s Email, username, password, and tick VPN Access.


3.  L2TP over IPsec Remote VPN configuration

- Navigate to Firewall > Configure > Remote Access VPN, input the secret, and select Nebula Cloud Authentication as the Authentication method.

- Input VPN users' Email addresses and click Send Email. The configuration script will be sent to the provided addresses.



4. Receive Email with VPN provisioning script

Once the Email is sent, users will receive an Email from [email protected] with Windows and masOS VPN provisioning scripts.


5. Install VPN configuration script and connect to L2TP VPN

- The .batfile file is for Windows, and the .mobileconfig file is for macOS. Due to security restrictions, the .batfile file needs to be renamed to .bat before execution.

- Double-click on the .bat file to create a VPN connection on Windows VPN settings

- Click Connect and input the credentials.


Test the Result


Navigate to Firewall > Monitor > VPN connection > Client to site VPN login account, you will see the IP address you get from Client VPN subnet


Open cmd.exe and input “ipconfig”, you will see your client VPN IP address, and ping local network device successfully