PPTP and L2TP VPN
Configuring L2TP
FortiGate-50A Installation and Configuration Guide
211
To add a destination address
Add an address to which L2TP users can connect.
1
Go to
Firewall > Address
.
2
Select the internal interface.
3
Select New to add an address.
4
Enter the Address Name, IP Address, and NetMask for a single computer or for an
entire subnetwork on an internal interface of the local VPN peer.
5
Select OK to save the source address.
To add a firewall policy
Add a policy that specifies the source and destination addresses and sets the service
for the policy to the traffic type inside the L2TP VPN tunnel.
1
Go to
Firewall > Policy
.
2
Select the Ext
->
Int policy list.
3
Select New to add a policy.
4
Set Source to the group that matches the L2TP address range.
5
Set Destination to the address to which L2TP users can connect.
6
Set Service to match the traffic type inside the L2TP VPN tunnel.
For example, if L2TP users can access a web server, select HTTP.
7
Set Action to ACCEPT.
8
Select NAT if address translation is required.
You can also configure traffic shaping, logging, and antivirus and web filter settings for
L2TP policies.
9
Select OK to save the firewall policy.
Configuring a Windows 2000 client for L2TP
Use the following procedure to configure a client computer running Windows 2000 so
that it can connect to a FortiGate L2TP VPN.
To configure an L2TP dialup connection
1
Go to
Start > Settings > Network and Dial-up Connections
.
2
Double-click Make New Connection to start the Network Connection Wizard and
select Next.
3
For Network Connection Type, select Connect to a private network through the
Internet and select Next.
4
For Destination Address, enter the address of the FortiGate unit to connect to and
select Next.
5
Set Connection Availability to Only for myself and select Next.
6
Select Finish.
7
In the Connect window, select Properties.
Содержание FortiGate 50A
Страница 12: ...Contents 12 Fortinet Inc ...
Страница 32: ...32 Fortinet Inc Next steps Getting started ...
Страница 40: ...40 Fortinet Inc Completing the configuration NAT Route mode installation ...
Страница 72: ...72 Fortinet Inc Session list System status ...
Страница 112: ...112 Fortinet Inc Configuring the modem interface Network configuration ...
Страница 120: ...120 Fortinet Inc Adding RIP filters RIP configuration ...
Страница 170: ...170 Fortinet Inc Content profiles Firewall configuration ...
Страница 224: ...224 Fortinet Inc Logging attacks Network Intrusion Detection System NIDS ...
Страница 230: ...230 Fortinet Inc Viewing the virus list Antivirus protection ...
Страница 244: ...244 Fortinet Inc Exempt URL list Web filtering ...
Страница 262: ...262 Fortinet Inc Glossary ...
Страница 272: ...272 Fortinet Inc Index ...