Configuring VPNs without FortiClient Endpoint Security
FortiClient Endpoint Security Version 4.0 MR1 Administration Guide
04-40001-99556-20090626
http://docs.fortinet.com/
•
Feedback
2 Select New.
3 Enter the following information:
Connection Name
Configuration
Remote Gateway
Remote Network
Authentication Method
Pre-shared Key
X509 Certificate
4 Select Advanced if you need to:
• modify IKE or IPSec settings (see "Configuring IKE and IPSec policies" in the
FortiClient Endpoint Security User
• configure the FortiClient VPN to use a virtual IP address
• add the IP addresses of additional networks behind the remote gateway
• configure Internet browsing over IPSec
• configure extended authentication (XAUTH)
The Advanced Settings window opens. This is the starting point for the rest of the
procedures in this section.
To configure the virtual IP address
In the Advanced Settings window, do the following:
1 Select Acquire virtual IP address and then select Config.
2 In the Virtual IP Acquisition window, do one of the following:
• Select Dynamic Host Configuration Protocol (DHCP) over IPSec.
• Select Manually Set and enter the IP address, Subnet Mask, DNS Server and WINS
Server addresses as required.
3 Select OK.
To add additional remote networks to a connection
In the Advanced Settings window, do the following:
1 In the Remote Network section, select Add.
2 In the Network Editor window, enter the IP Address and Subnet mask of the remote
network and then select OK.
3 Repeat Steps
1
and
2
You can specify up to 16 remote networks.
4 Select OK.
To enable Internet browsing over IPSec
In the Advanced Settings window, do the following:
1 In the Remote Network section, select Add.
Enter a descriptive name for the connection.
Select Manual
Enter the IP address or the fully qualified domain name (FQDN) of
the remote gateway.
Enter the IP address and netmask of the network behind the
FortiGate unit.
Select Pre-shared Key or X509 Certificate.
Enter the pre-shared key. This is available if Authentication
Method is Pre-shared Key.
Select the X509 Certificate. The certificate must already be
configured. This field is available if Authentication Method is
X509 Certificate.
Guide)
for each additional network that you want to add.
Using the FortiClient VPN Editor
49
Need help?
Do you have a question about the Version 4.0 MR1 and is the answer not in the manual?