VPN PPTP
FortiGate-3000 Administration Guide 01-28006-0010-20041105 267
PPTP
You can set up VPN connections between FortiGate units and remote Windows
clients using Point-to-Point Tunneling Protocol (PPTP).
Setting up a PPTP-based VPN
Using PPTP, you can create a virtual private network (VPN) between a remote client
PC running Windows and your internal network behind a FortiGate unit. Because it is
a Windows standard, PPTP does not require third-party software on the client
computer. If your Internet Service Provider (ISP) supports PPTP connections through
its network, you can create a secure connection by making simple configuration
changes to the client computer and the FortiGate unit.
To create a PPTP VPN configuration
1 Add a user group to the FortiGate unit.
The PPTP clients must be authenticated before being allowed to start a VPN tunnel.
To enable authentication, you must add a user group to the FortiGate unit. Within the
user group, add a user name for each PPTP client. You can add users to the
FortiGate user database, to authentication servers (RADIUS or LDAP), or to both. See
“Users and authentication” on page 241.
2 Enable PPTP and specify a PPTP address range. See “Enabling PPTP and specifying
a PPTP range” on page 268.
3 Add a source address range for the firewall policy. The source address range must
match the range of PPTP addresses. See “To add an address” on page 208.
Name The name of the tunnel.
Remote gateway The IP address and UDP port of the remote gateway. For dynamic DNS
tunnels, the IP address is updated dynamically.
Timeout The time before the next key exchange. The time is calculated by
subtracting the time elapsed since the last key exchange from the keylife.
Proxy ID Source The IP address range that VPN users of this tunnel can connect to.
Proxy ID
Destination
The IP address range from which VPN users of this tunnel can connect.
Bring down
tunnel icon
Take down the selected VPN tunnel. The remote VPN peer may have to
reconnect to establish a new VPN session.
Bring up tunnel
icon
Establish the selected VPN tunnel.
Note: PPTP VPNs are only supported in NAT/Route mode.
To Next Page
Loading...
Need help?
General