Fortinet FortiGate-800 User Manual

264

Fortinet Inc.

Configuring L2TP

PPTP and L2TP VPN

Figure 65: Sample L2TP address range configuration

To add source addresses

Add a source address for every address in the L2TP address range.

1

Go to Firewall > Address.

2

Select the interface to which L2TP clients connect.
This can be an interface, VLAN subinterface, or zone.

3

Select New to add an address.

1

Enter the Address Name, IP Address, and NetMask for an address in the L2TP
address range.

2

Select OK to save the source address.

3

Repeat for all addresses in the L2TP address range.

To add a source address group

Organize the source addresses into an address group.

1

Go to Firewall > Address > Group.

2

Add a new address group to the interface to which L2TP clients connect.
This can be an interface, VLAN subinterface, or zone.

3

Enter a Group Name to identify the address group.
The name can contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and
the special characters - and _. Other special characters and spaces are not allowed.

4

To add addresses to the address group, select an address from the Available
Addresses list and select the right arrow to add it to the Members list.

5

To remove addresses from the address group, select an address from the Members
list and select the left arrow to remove it from the group.

Note: If the L2TP address range is comprised of an entire subnet, add an address for this
subnet. Do not add an address group.