Contributor
October 10, 2006
Question

How to allow the VPN client remote access to internal network

  • 4 replies
  • 6582 views
I've the FortiGate 200 in the office, and I'm trying to get remote access using Microsoft VPN plain text to access the office "Internal Network". Behind my firewall, there is a DHCP server. I've set up the firewall policy (external to internal) and PPTP. When I try to connect remotely, it validates the username and password, and then connects. However, I couldn't get the IP address from the DHCP server. When I do an "ipconfig", the IP address is 200.1.1.190/255.255.255.255. I tried to ping the internal IPs of all my servers, but I couldn't ping or connect. What I want is to get the IP address from my internal DHCP server if possible. If you have another alternative solution, pls advise. Appreciate if anyone can help... Thks

    4 replies

    Fireshield
    New Member
    October 10, 2006
    Try removing NAT from the policy and see if that fixes your issue.
    Contributor
    October 11, 2006
    I tried to remove NAT, but it seems to be the same (IP: 200.1.1.190/255.255.255.0). It does not get the IP address from DHCP and no DNS is assigned. I couldn't ping the internal IP addresses of all the servers. I do not know whether this is a correct setup.
    Fireshield
    New Member
    October 12, 2006
    Is 200.1.1.190 part of your internal subnet?
    Contributor
    October 12, 2006
    Yes, 200.1.1.190 is part of my internal subnet. In fact, all my internal IP addresses are from 200.1.1.1 to 200.1.1.254.
    Contributor
    October 13, 2006
    I can make a Microsoft PPTP VPN through a FortiGate 60.
    1. I made a static route first, the real IP gateway to all my local IPs.
    2. Made a virtual IP mapping a real IP to the firewall IP (I directly use the WAN2 IP address).
    3. Made a local user for the VPN user.
    4. Made a user group for VPN and selected a policy for it.
    5. Set a PPTP range in order to provide the remote user a local IP address.
    6. Use Win 2000 or XP to dial a PPTP VPN through the real IP, and use the VPN user ID and password I set in 3.
    Hope this can help you, and please tell me: does it have any black holes for hackers?
    Contributor
    October 13, 2006
    Hi, can you send me a picture of your static route and firewall policy? I tried your steps, but it couldn't connect. Thks
    Contributor
    October 14, 2006
    Not sure if this helps you at all, but I had a similar problem where I could authenticate into the network but could not access anything on the network. I figured it was a routing issue and put my concentration in that area, until I started to re-evaluate my config settings. I mistakenly listed the DHCP server as the address range in the FortiClient config screen as the remote network address. So instead of using 172.16.0.0, I listed it as 172.16.0.1, which gave me all kinds of problems. I hope this makes sense.