Configure the FortiGate dialup client
Configure the FortiGate dialup client.
1. At the FortiGate dialup client, define the Phase 1 parameters needed to authenticate the dialup server and establish a secure connection. See
“Phase 1 parameters”. Enter these settings in particular:
Name | Enter a name to identify the VPN tunnel. |
Remote Gateway | Select Static IP Address. |
IP Address | Type the IP address of the dialup server’s public interface. |
Local Interface | Select the interface that connects to the public network. |
Mode | The FortiGate dialup client has a dynamic IP address, select Aggressive. |
Advanced | Select to view the following options. |
Local ID | If you defined a peer ID for the dialup client in the FortiGate dialup server configuration, enter the identifier of the dialup client. The value must be identical to the peer ID that you specified previously in the FortiGate dialup server configuration. |
2. Define the Phase 2 parameters needed to create a VPN tunnel with the dialup server. See
“Phase 2 parameters”. Enter these settings in particular:
Name | Enter a name to identify this Phase 2 configuration. |
Phase 1 | Select the name of the Phase 1 configuration that you defined. |
3. Define names for the addresses or address ranges of the private networks that the VPN links. See
“Defining policy addresses”. Enter these settings in particular:
• Define an address name for the server, host, or network behind the FortiGate dialup server.
• Define an address name for the private network behind the FortiGate dialup client.
4. Define security policies to permit communication between the private networks through the VPN tunnel. Route-based and policy-based VPNs require different security policies. For detailed information about creating security policies, see
“Defining VPN security policies”.