Nishtha_Baria
Article Id 242663

Description

This article describes how to connect, using L2TP VPN, to a VPN server that is internal to (behind) the FortiGate.

Scope

All currently supported versions of FortiGate.

Solution

Traffic must be forwarded to the internal server; authentication and creation of the VPN are then performed on the VPN server.

Consider the following architecture:

VPN Server <---> FortiGate <---> PC

So that the PC on which the VPN is being configured can reach the server, forward the traffic from the FortiGate WAN interface to the internal VPN server using a virtual IP:

- Create a virtual IP for the VPN server by navigating in the GUI to Policy & Objects -> Virtual IPs -> Create New.

- Create a Firewall Policy with the destination set to the virtual IP and allow the following services: L2TP, GRE, and PPTP. These are required for authentication and communication on the internal VPN server.

After this setup, the PC can connect to the VPN server behind the FortiGate without any further need to set up a VPN on the FortiGate itself.
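
The two GUI steps above, written as the equivalent FortiOS CLI configuration. This is an added example, not part of the original article: the object names, the interface names (wan1, internal), and both addresses (203.0.113.10 as the WAN-side address, 192.168.1.10 as the internal VPN server) are placeholders to replace with the real values.

```fortios
config firewall vip
    edit "l2tp-server-vip"
        set comment "Added example: addresses and interface names are placeholders"
        set extintf "wan1"
        set extip 203.0.113.10
        set mappedip "192.168.1.10"
    next
end
config firewall policy
    edit 0
        set name "wan-to-l2tp-server"
        set comments "Added example: forwards VPN traffic to the internal VPN server"
        set srcintf "wan1"
        set dstintf "internal"
        set srcaddr "all"
        set dstaddr "l2tp-server-vip"
        set action accept
        set schedule "always"
        set service "L2TP" "GRE" "PPTP"
        set logtraffic all
    next
end
```

The policy permits only the three services named in the article and logs every forwarded session, so connection attempts to the internal VPN server can be reviewed in the traffic log.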