L2TP Server firewall?


I need to configure a firewall on my L2TP server to accept IP ranges to specific users, but I noticed that I cannot assign a firewall to an L2TP interface.

Can anyone think of anything?


What version are you using?
In 1.4 it should be possible: Firewall — VyOS 1.4.x (sagitta) documentation


I am using VyOS 1.3. Is it possible with the LTS version?


You have to use the zone-based firewall; it supports interface l2tp+ or l2tp*

I can’t get it to work.

I have 10 users with static IPs and outbound NAT on all interfaces. I need to accept all the traffic through the L2TP on some specific user IPs, to be able to connect from one client to another client. The traffic goes through the VyOS and, as the traffic from one interface is NATted out, I don’t have the source IP of the clients.

Any ideas?