# config system interface
edit "loopback1"
set vdom "root"
set ip X.X.X.X 255.255.255.0
set allowaccess ping https ssh http
set type loopback
set snmp-index 4
end
# config firewall address
edit "access_range"
set subnet X.X.X.X 255.255.255.0
next
edit "pptp_range"
set type iprange
set start-ip 10.10.10.1
set end-ip 10.10.10.10
end
# config user local3) Assign the user to a desired group if needed:
edit <username>
set type password
set passwd-time 2018-09-21 13:00:00
set passwd <password>
next
# config user group
edit <group_name>
set group-type firewall
set member <user_names>
next
# config firewall policy
edit 0
set srcintf wan1 (<interface to internet>)
set dstintf "loopback1" (<interface to internal network>)
set srcaddr "pptp_range" (<reserved_range>)
set dstaddr "access_range" (<internal_addresses>)
set action accept
set schedule "always"
set service "ALL"
set logtraffic all
set nat enable
# edit 3
set srcintf "wan1"
set dstintf "wan1"
set srcaddr "pptp_range"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set logtraffic all
set nat enable
# config vpn pptp
set status enable
set ip-mode range
set eip 10.10.10.10
set sip 10.10.10.1
set usrgrp <group_name>
h) In the network connections screen, locate the PPTP connection that as just been created, right-click on it, and choose Properties -> Networking -> and then specify the DNS for Internet access.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.