Contents

AutoIKE IPSec VPNs

182

General configuration steps for an AutoIKE VPN

183

Adding a phase 1 configuration for an AutoIKE VPN

183

Adding a phase 2 configuration for an AutoIKE VPN

188

Managing digital certificates

190

Obtaining a signed local certificate

190

Obtaining CA certificates

192

Configuring encrypt policies

193

Adding a source address

194

Adding a destination address

194

Adding an encrypt policy

195

IPSec VPN concentrators

196

VPN concentrator (hub) general configuration steps

197

Adding a VPN concentrator

198

VPN spoke general configuration steps

199

Monitoring and Troubleshooting VPNs

201

Viewing VPN tunnel status

201

Viewing dialup VPN connection status

201

Testing a VPN

202

PPTP and L2TP VPN

203

Configuring PPTP

203

Configuring the FortiGate unit as a PPTP gateway

203

Configuring a Windows 98 client for PPTP

206

Configuring a Windows 2000 client for PPTP

207

Configuring a Windows XP client for PPTP

207

Configuring L2TP

209

Configuring the FortiGate unit as an L2TP gateway

209

Configuring a Windows 2000 client for L2TP

211

Configuring a Windows XP client for L2TP

213

Network Intrusion Detection System (NIDS)

215

Detecting attacks

215

Selecting the interfaces to monitor

216

Disabling monitoring interfaces

216

Configuring checksum verification

216

Viewing the signature list

217

Viewing attack descriptions

217

Disabling NIDS attack signatures

218

Adding user-defined signatures

218

Preventing attacks

220

Enabling NIDS attack prevention

220

Enabling NIDS attack prevention signatures

220

Setting signature threshold values

221

FortiGate-50A Installation and Configuration Guide

9

Page 9
Image 9
Fortinet 50A user manual Pptp and L2TP VPN 203