Contents

Configuring LDAP support

177

Adding LDAP servers

177

Deleting LDAP servers

178

Configuring user groups

179

Adding user groups

179

Deleting user groups

180

IPSec VPN

181

Key management

182

Manual Keys

182

Automatic Internet Key Exchange (AutoIKE) with pre-shared keys or certificates

182

Manual key IPSec VPNs

183

General configuration steps for a manual key VPN

183

Adding a manual key VPN tunnel

183

AutoIKE IPSec VPNs

185

General configuration steps for an AutoIKE VPN

185

Adding a phase 1 configuration for an AutoIKE VPN

185

Adding a phase 2 configuration for an AutoIKE VPN

189

Managing digital certificates

191

Obtaining a signed local certificate

191

Obtaining a CA certificate

195

Configuring encrypt policies

196

Adding a source address

197

Adding a destination address

197

Adding an encrypt policy

197

IPSec VPN concentrators

199

VPN concentrator (hub) general configuration steps

199

Adding a VPN concentrator

201

VPN spoke general configuration steps

202

Redundant IPSec VPNs

203

Configuring redundant IPSec VPN

203

Monitoring and Troubleshooting VPNs

205

Viewing VPN tunnel status

205

Viewing dialup VPN connection status

205

Testing a VPN

206

PPTP and L2TP VPN

207

Configuring PPTP

207

Configuring the FortiGate unit as a PPTP gateway

208

Configuring a Windows 98 client for PPTP

210

Configuring a Windows 2000 client for PPTP

211

Configuring a Windows XP client for PPTP

212

FortiGate-100 Installation and Configuration Guide

9

Page 9
Image 9
Fortinet 100 user manual IPSec VPN 181