Created on 02-13-2018 11:59 PM Edited on 11-23-2021 08:14 AM By Anonymous
Description
Solution
config vpn l2tp
set eip 10.10.10.100
set sip 10.10.10.1
set status enable
set usrgrp "L2TP_Group"
end
config vpn ipsec phase1-interface
edit "L2TP"
set type dynamic
set interface "port9"
set proposal aes256-md5 3des-sha1 aes192-sha1
set dhgrp 2
set psksecret <password>
next
end
config vpn ipsec phase2-interface
edit "L2TP-p2"
set phase1name "L2TP"
set proposal aes256-md5 3des-sha1 aes192-sha1
set pfs disable
set encapsulation transport-mode
set l2tp enable
next
end
config firewall policy
edit 0
set name "L2TP policy"
set srcintf "L2TP"
set dstintf "virtual-wan-link"
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "L2TP"
next
end
config firewall policy
edit 0
set name "IPsec policy"
set srcintf "L2TP"
set dstintf "LAN"
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
next
end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.