Wednesday, January 20, 2010

L2TP in FortiGate

config system interface
    edit "wan1"
        set vdom "root"
        set mode dhcp
        set allowaccess ping https ssh snmp http telnet
        set gwdetect enable
        set l2forward enable
        set type physical
        set l2tp-client enable
        set speed 100full
        config l2tp-client-settings
            set auth-type pap
            set defaultgw enable
            set mtu 1392
            set password ENC BnDHJbL96OH7avonZulRAWno1Otg48oH+X1+HTPCeDL1ob8Up6lawLSLgI+kyAhl+WfYuGLyIpUm4IEtgOpqUeAAiolHGGeVKpXs5sSps0U4ZugD
            set peer-host "212.143.205.253"
            set user "username"
        end
    next
end


config router static
    edit 1
        set device "wan1"
        set dst 212.143.205.253 255.255.255.255
        set priority 10
    next
end


Don't forget to add a static route to the L2TP gateway (in my case 212.143.205.253) through the WAN1 interface, as the config router static block above does.
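
One way to check a saved config for that route, as an added example (not code from the original post): the Python below parses the CLI text, confirms that every L2TP peer-host has a non-default static route through the same interface, and also reports the cleartext settings visible on that interface (http and telnet in allowaccess, auth-type pap). The function names parse and audit are hypothetical, the sample is constructed from the config above, and the example assumes peer-host is an IP literal and that a default route alone does not count.

```python
import ipaddress

# Constructed sample modelled on the config above (password line left out).
SAMPLE = """
config system interface
edit "wan1"
set allowaccess ping https ssh snmp http telnet
config l2tp-client-settings
set auth-type pap
set peer-host "212.143.205.253"
end
next
end
config router static
edit 1
set device "wan1"
set dst 212.143.205.253 255.255.255.255
next
end
"""

def parse(text):
    """Return ({interface: settings}, {route id: settings}) from FortiOS CLI text."""
    stack, entry, tables = [], None, {"system interface": {}, "router static": {}}
    for line in text.splitlines():
        tok = line.replace('"', "").split()
        if tok[:1] == ["config"]:
            stack.append(" ".join(tok[1:]))
        elif tok[:1] == ["end"] and stack:
            stack.pop()
        elif tok[:1] == ["edit"] and len(stack) == 1 and len(tok) > 1:
            entry = tok[1]  # only top-level entries name an interface or route
        elif tok[:1] == ["set"] and len(tok) > 2 and stack and stack[0] in tables:
            tables[stack[0]].setdefault(entry, {})[tok[1]] = tok[2:]
    return tables["system interface"], tables["router static"]

def audit(text):  # hypothetical helper: findings for each interface with a peer-host
    ifaces, routes = parse(text)
    out = []
    for name, cfg in ifaces.items():
        for peer in map(ipaddress.ip_address, cfg.get("peer-host", [])):
            nets = [ipaddress.ip_network("/".join(r["dst"]), strict=False)
                    for r in routes.values() if r.get("device") == [name] and "dst" in r]
            if not any(n.prefixlen > 0 and peer in n for n in nets):  # /0 ignored
                out.append(f"{name}: no static route covers L2TP peer {peer}")
            weak = [v for k in ("allowaccess", "auth-type") for v in cfg.get(k, [])
                    if v in ("http", "telnet", "pap")]
            if weak:
                out.append(f"{name}: cleartext protocols enabled: {' '.join(weak)}")
    return out
```

Call audit() on the text of a saved configuration; an empty list means the route is present and none of the three cleartext settings is enabled on the L2TP interface.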

3 comments:

Unknown said...

Hi Igor,

I used your setup and it does connect.
However, I'm still having a problem with the NAT.
(From the FG I can ping addresses in the www, but from the LAN it seems that the NAT is using the dialer IP and not the real one.)

How can I solve it?

Thanks,
Gil

Shahar L said...

Did this work for anyone?