Contents
FortiGate-100 Installation and Configuration Guide 9
Configuring LDAP support.... .......................................................................................... 177
Adding LDAP servers..................................................................................... ............. 177
Deleting LDAP servers................................................................................... ............. 178
Configuring user groups.................................................................................................. 179
Adding user groups........................................................ ............................................. 179
Deleting user groups......................................................... .......................................... 180
IPSec VPN........................................................................................................... 181Key management............................................................................... ............................. 182
Manual Keys ............................................................................................................... 182
Automatic Internet Key Exchange (AutoIKE) with pre-shared keys or certificates ..... 182
Manual key IPSec VPNs.................................................................... ............................. 183
General configuration steps for a manual key VPN................................. ................... 183
Adding a manual key VPN tunnel.. ............................................................................. 183
AutoIKE IPSec VPNs.................................. .................................................................... 185
General configuration steps for an AutoIKE VPN ....................................................... 185
Adding a phase 1 configuration for an AutoIKE VPN.................................................. 185
Adding a phase 2 configuration for an AutoIKE VPN.................................................. 189
Managing digital certificates............................................................................................ 191
Obtaining a signed local certificate ............................................................................. 191
Obtaining a CA certificate ........................................................................................... 195
Configuring encrypt policies............................................................................ ................ 196
Adding a source address.. .......................................................................................... 197
Adding a destination address................................................................................... ... 197
Adding an encrypt policy............................................................. ................................ 197
IPSec VPN concentrators..... .......................................................................................... 199
VPN concentrator (hub) general configuration steps..................................... ............. 199
Adding a VPN concentrator ........................................................................................ 201
VPN spoke general configuration steps................................................... ................... 202
Redundant IPSec VPNs.................................................................................................. 203
Configuring redundant IPSec VPN ............................................................................. 203
Monitoring and Troubleshooting VPNs.................... ....................................................... 205
Viewing VPN tunnel status................................................................................. ......... 205
Viewing dialup VPN connection status ....................................................................... 205
Testing a VPN...................................................... ....................................................... 206
PPTP and L2TP VPN.......................................................................................... 207Configuring PPTP.............. ............................................................................................. 207
Configuring the FortiGate unit as a PPTP gateway .................................................... 208
Configuring a Windows 98 client for PPTP................. ................................................ 210
Configuring a Windows 2000 client for PPTP.......... ................................................... 211
Configuring a Windows XP client for PPTP ................................................................ 212