PPTP and L2TP VPN Configuring L2TP
FortiGate-400 Installation and Configuration Guide 243
Figure 32: Sample L2TP address range configuration
6 Add the addresses from the L2TP address range to the External zone address list.
The addresses can be grouped into an External address group.
7 Add addresses to the destination zone address list to control the addresses to which
L2TP clients can connect. The addresses can be grouped into an address group.
For example, if you want L2TP users to connect to the Internal zone add addresses to
the Internal zone address list.
8 Add a policy to allow L2TP clients to connect through the FortiGate unit.
Adding a source address
Add a source address for every address in the L2TP address range.
1 Go to Firewall > Address.
2 Select the interface to which L2TP clients connect.
This can be an interface, VLAN subinterface, or zone.
3 Select New to add an address.
4 Enter the Address Name, IP Address, and NetMask for an address in the L2TP
address range.
5 Select OK to save the source address.
6 Repeat for all addresses in the L2TP address range.
Adding an address group
Organize the source addresses into an address group.
1 Go to Firewall > Address > Group.
Note: If the L2TP address range is comprised of an entire subnet, add an address for
this subnet. Do not add an address group.
To Next Page
Loading...
