Configuring l2tp, Configuring the fortigate unit as an l2tp gateway – Fortinet FortiGate-800 User Manual

Page 263

background image

PPTP and L2TP VPN

Configuring L2TP

FortiGate-800 Installation and Configuration Guide

263

Configuring L2TP

Some implementations of L2TP support elements of IPSec. These elements must be
disabled when L2TP is used with a FortiGate unit.

This section describes:

Configuring the FortiGate unit as an L2TP gateway

Configuring a Windows 2000 client for L2TP

Configuring a Windows XP client for L2TP

Configuring the FortiGate unit as an L2TP gateway

Use the following procedures to configure the FortiGate unit as an L2TP gateway:

To add users and user groups

Add a user for each L2TP client.

1

Go to User > Local.

2

Add and configure L2TP users.
See

“Adding user names and configuring authentication” on page 224

.

3

Go to User > User Group.

4

Add and configure L2TP user groups.
See

“Configuring user groups” on page 229

.

To enable L2TP and specify an address range

1

Go to VPN > L2TP > L2TP Range.

2

Select Enable L2TP.

3

Enter the Starting IP and the Ending IP for the L2TP address range.

4

Select the User Group that you added in

“To add users and user groups” on page 263

.

5

Select Apply to enable L2TP through the FortiGate unit.

Note: L2TP VPNs are only supported in NAT/Route mode.