Site A # conf vpn pptp
Site A (pptp) # sh full-configuration
config vpn pptp
set status enable
set ip-mode range
set eip 192.166.1.14
set sip 192.166.1.1
set usrgrp "Guest-group"
end
Site A # config firewall address
Site A (address) # edit pptp
Site A (pptp) # set subnet 192.166.1.0 255.255.255.240
Site A (pptp) # next
Site A (address) # end
Site A # conf firewall policy
edit 1
set srcintf "wan1"
set dstintf "internal"
set srcaddr "pptp"
set dstaddr "10.10.1.0/24"
set action accept
set schedule "always"
set service "ALL"
edit 2
set srcintf "wan1"
set dstintf "wan1"
set srcaddr "pptp"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set nat enable
next
edit 3
set srcintf " internal"
set dstintf "wan1"
set srcaddr "10.10.1.0/24"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set logtraffic all
set nat enable
edit 12
set srcintf "wan1"
set dstintf "to_SiteB"
set srcaddr "pptp"
set dstaddr "192.168.10.0/24"
set action accept
set schedule "always"
set service "ALL"
next
edit 13
set srcintf "to_SiteB"
set dstintf "wan1"
set srcaddr "192.168.10.0/24"
set dstaddr "pptp"
set action accept
set schedule "always"
set service "ALL"
edit 9
set srcintf "to_SiteB"
set dstintf "internal"
set srcaddr "192.168.10.0/24"
set dstaddr "10.10.1.0/24"
set action accept
set schedule "always"
set service "ALL"
next
edit 10
set srcintf "internal"
set dstintf "to_SiteB"
set srcaddr "10.10.1.0/24"
set dstaddr "192.168.10.0/24"
set action accept
set schedule "always"
set service "ALL"
next
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.