
PPTP and L2TP VPN | Configuring L2TP |
|
|
Figure 32: Sample L2TP address range configuration
6Add the addresses from the L2TP address range to the External zone address list. The addresses can be grouped into an External address group.
7Add addresses to the destination zone address list to control the addresses to which L2TP clients can connect. The addresses can be grouped into an address group.
For example, if you want L2TP users to connect to the Internal zone add addresses to the Internal zone address list.
8Add a policy to allow L2TP clients to connect through the FortiGate unit.
Adding a source address
Add a source address for every address in the L2TP address range.
1Go to Firewall > Address.
2Select the interface to which L2TP clients connect. This can be an interface, VLAN subinterface, or zone.
3Select New to add an address.
4Enter the Address Name, IP Address, and NetMask for an address in the L2TP address range.
5Select OK to save the source address.
6Repeat for all addresses in the L2TP address range.
Note: If the L2TP address range is comprised of an entire subnet, add an address for this subnet. Do not add an address group.
Adding an address group
Organize the source addresses into an address group.
1 Go to Firewall > Address > Group.
243 |