|
The FortiGate can be set up as a L2TP client only through CLI as follows:
Note: This is only available in standalone mode. With HA, this will set up a L2 broadcast loop since L2PP is an L2 protocol. For that reason, this option is only available in standalone mode.
config system interface
edit "wan"
set status up
set l2tp-client enable
set l2forward enable
config l2tp-client-settings
set auth-type auto
set defaultgw enable
set mtu 1460
set user <user_name>
set password <password>
set peer-host <host_IP_address>
set peer-port <specify the port used to connect to L2TP peers, default is 1701>
end
This feature is available only in small business units such 30E, 40F, 100F etc.
If the L2TP client does not connect, use the following debug, sniffer and diagnostic command to troubleshoot.
Debug:
diagnose debug disable
diagnose debug reset
diagnose debug application l2tpcd -1
diagnose debug application ppp -1
diagnose debug console timestamp enable
diagnose debug enable
Once the debug logs capture has completed, run the following commands to disable debug:
diagnose debug reset
diagnose debug disable
Sniffer:
diagnose sniffer packet any "host <Peer-host-ip> and port <Peer-host-port>" 6 0 l
(Stop sniffer at any time with CTRL+C.)
Diagnostic command:
diagnose test application l2tpcd 1
|
