1. Manuals
  2. Brands
  3. Fortinet Manuals
  4. Gateway
  5. FortiGate v3.0 MR7
  6. User manual

Configuring Authentication Of L2Tp Vpn Users/User Groups; Configuring Authentication Of Remote Ipsec Vpn Users - Fortinet FortiGate v3.0 MR7 User Manual

User authentication
Hide thumbs
Table of Contents

Advertisement

VPN authentication
56
4
Enter Starting IP and Ending IP addresses. This defines the range of addresses
assigned to VPN clients.
5
Select the user group that is to have access to this VPN. The FortiGate unit
authenticates members of this user group.
6
Select Apply.
To configure authentication for a PPTP VPN - CLI
config vpn pptp
set eip <starting_ip>
set sip <ending_ip>
set status enable
set usrgrp <user_group_name>
end
You also need to define a firewall policy that permits packets to pass from VPN
clients with addresses in the specified range to IP addresses that the VPN clients
need to access on the private network behind the FortiGate unit. The Action for
this firewall policy is ACCEPT, not ENCRYPT, because the allowed user group is
defined in the PPTP VPN configuration, not in the firewall policy.
For detailed information about configuring PPTP, see the
User
Guide.

Configuring authentication of L2TP VPN users/user groups

Authentication of a FortiGate L2TP configuration must be done using the
config vpn l2tp CLI command.
To configure authentication for an L2TP VPN - CLI
config vpn l2tp
set eip <starting_ip>
set sip <ending_ip>
set status enable
set usrgrp <user_group_name>
end
For more information, see the

Configuring authentication of remote IPSec VPN users

An IPSec VPN on a FortiGate unit can authenticate remote users through a dialup
group. The user account name is the peer ID and the password is the pre-shared
key. For information about authentication using peer IDs and peer groups, see the
FortiGate IPSec VPN User
Authentication through user groups is supported for groups containing only local
users. To authenticate users using a RADIUS or LDAP server, you must configure
XAUTH settings. See
To configure user group authentication for dialup IPSec - web-based
manager
1
Configure the dialup users who are permitted to use this VPN. Create a user
group with Type:Firewall and add them to it.
For more information, see
FortiGate CLI
Reference.
Guide.
"Configuring XAuth authentication" on page
"Users/peers and user groups" on page
FortiOS v3.0 MR7 User Authentication User Guide
Configuring authenticated access
FortiGate PPTP VPN
58.
33.
01-30007-0347-20080828

Advertisement

Table of Contents
loading

Related Manuals for Fortinet FortiGate v3.0 MR7

Related Content for Fortinet FortiGate v3.0 MR7

Table of Contents

Save Article as PDF