238 Fortinet Inc.
Configuring PPTP PPTP and L2TP VPN
5 To remove addresses from the address group, select an address from the Members
list and select the left arrow to remove it from the group.
Select OK to add the address group.
Adding a destination address
Add an address to which PPTP users can connect.
1 Go to Firewall > Address.
2 Select the internal interface or the DMZ interface. (Methods will differ slightly between
FortiGate models.)
3 Select New to add an address.
4 Enter the Address Name, IP Address, and NetMask for a single computer or for an
entire subnetwork on an internal interface of the local VPN peer.
5 Select OK to save the source address.
Adding a firewall policy
Add a policy which specifies the source and destination addresses and sets the
service for the policy to the traffic type inside the PPTP VPN tunnel.
1 Go to Firewall > Policy.
2 Use the policy grid to choose the policy list to which to add the policy.
3 Select New to add a new policy.
4 Set Source to the group that matches the PPTP address range.
5 Set Destination to the address to which PPTP users can connect.
6 Set Service to match the traffic type inside the PPTP VPN tunnel.
For example, if PPTP users can access a web server, select HTTP.
7 Set Action to ACCEPT.
8 Select NAT if address translation is required.
You can also configure traffic shaping, logging, and antivirus and web filter settings for
PPTP policies.
9 Select OK to save the firewall policy.
Configuring a Windows 98 client for PPTP
Use the following procedure to configure a client computer running Windows 98 so
that it can connect to a FortiGate PPTP VPN. To configure the Windows 98 client, you
must install and configure Windows dialup networking and virtual private networking
support.
Installing PPTP support
1 Go to Start > Settings > Control Panel > Network.
2 Select Add.
3 Select Adapter.
