VPN
PPTP
FortiGate-500A Administration Guide
01-28006-0100-20041105
263
PPTP
You can set up VPN connections between FortiGate units and remote Windows
clients using Point-to-Point Tunneling Protocol (PPTP).
Setting up a PPTP-based VPN
Using PPTP, you can create a virtual private network (VPN) between a remote client
PC running Windows and your internal network behind a FortiGate unit. Because it is
a Windows standard, PPTP does not require third-party software on the client
computer. If your Internet Service Provider (ISP) supports PPTP connections through
its network, you can create a secure connection by making simple configuration
changes to the client computer and the FortiGate unit.
To create a PPTP VPN configuration
1
Add a user group to the FortiGate unit.
The PPTP clients must be authenticated before being allowed to start a VPN tunnel.
To enable authentication, you must add a user group to the FortiGate unit. Within the
user group, add a user name for each PPTP client. You can add users to the
FortiGate user database, to authentication servers (RADIUS or LDAP), or to both. See
“Users and authentication” on page 237
.
2
Enable PPTP and specify a PPTP address range. See
“Enabling PPTP and specifying
a PPTP range” on page 264
.
3
Add a source address range for the firewall policy. The source address range must
match the range of PPTP addresses. See
“To add an address” on page 204
.
Name
The name of the tunnel.
Remote gateway
The IP address and UDP port of the remote gateway. For dynamic DNS
tunnels, the IP address is updated dynamically.
Timeout
The time before the next key exchange. The time is calculated by
subtracting the time elapsed since the last key exchange from the keylife.
Proxy ID Source
The IP address range that VPN users of this tunnel can connect to.
Proxy ID
Destination
The IP address range from which VPN users of this tunnel can connect.
Bring down
tunnel icon
Take down the selected VPN tunnel. The remote VPN peer may have to
reconnect to establish a new VPN session.
Bring up tunnel
icon
Establish the selected VPN tunnel.
Note:
PPTP VPNs are only supported in NAT/Route mode.
Summary of Contents for FortiGate FortiGate-500A
Page 24: ...24 01 28006 0100 20041105 Fortinet Inc Customer service and technical support Introduction...
Page 46: ...46 01 28006 0100 20041105 Fortinet Inc Changing the FortiGate firmware System status...
Page 72: ...72 01 28006 0100 20041105 Fortinet Inc FortiGate IPv6 support System network...
Page 80: ...80 01 28006 0100 20041105 Fortinet Inc Dynamic IP System DHCP...
Page 110: ...110 01 28006 0100 20041105 Fortinet Inc FortiManager System config...
Page 116: ...116 01 28006 0100 20041105 Fortinet Inc Access profiles System administration...
Page 134: ...134 01 28006 0100 20041105 Fortinet Inc Shutdown System maintenance...
Page 248: ...248 01 28006 0100 20041105 Fortinet Inc CLI configuration Users and authentication...
Page 324: ...324 01 28006 0100 20041105 Fortinet Inc CLI configuration Antivirus...
Page 386: ...386 01 28006 0100 20041105 Fortinet Inc Glossary...
Page 394: ...394 01 28006 0100 20041105 Fortinet Inc Index...