Table of Contents
Advertisement
Configuring L2TP
188
Adding a destination address
Add an address to which L2TP users can connect.
1
Go to Firewall > Address.
2
Select the internal interface or the DMZ interface. (Methods will differ slightly between
FortiGate models.)
3
Select New to add an address.
4
Enter the Address Name, IP Address, and NetMask for a single computer or for an
entire subnetwork on an internal interface of the local VPN peer.
5
Select OK to save the source address.
Adding a firewall policy
Add a policy which specifies the source and destination addresses and sets the
service for the policy to the traffic type inside the L2TP VPN tunnel.
1
Go to Firewall > Policy.
2
Select New to add a new policy.
3
Set Source to the group that matches the L2TP address range.
4
Set Destination to the address to which L2TP users can connect.
5
Set Service to match the traffic type inside the L2TP VPN tunnel.
For example, if L2TP users can access a web server, select HTTP.
6
Set Action to ACCEPT.
7
Select NAT if address translation is required.
You can also configure traffic shaping, logging, and antivirus and web filter settings for
L2TP policies.
8
Select OK to save the firewall policy.
PPTP and L2TP VPN
Fortinet Inc.
Advertisement
Table of Contents
