FortiOS 5.4 Online Help Link FortiOS 5.2 Online Help Link FortiOS 5.0 Online Help Link FortiOS 4.3 Online Help Link

Home > Online Help

> Chapter 14 - IPsec VPN > L2TP and IPsec (Microsoft VPN) > Configuring the Windows PC

Configuring the Windows PC

Configuration of the Windows PC for a VPN connection to the FortiGate unit consists of the following:

  1. In Network Connections, configure a Virtual Private Network connection to the FortiGate unit.
  2. Ensure that the IPSEC service is running.
  3. Ensure that IPsec has not been disabled for the VPN client. It may have been disabled to make the Microsoft VPN compatible with an earlier version of FortiOS.

The instructions in this section are based on Windows XP SP3. Other versions of Windows may vary slightly.

To configure the network connection
  1. Open Network Connections.
    This is available through the Control Panel.
  2. Double-click New Connection Wizard and Select Next.
  3. Select Connect to the network at my workplace.
  4. Select Next.
  5. Select Virtual Private Network connection and select Next.
  6. In the Company Name field, enter a name for the connection and select Next.
  7. Select Do not dial the initial connection and then select Next.
  8. Enter the public IP address or FQDN of the FortiGate unit and select Next.
  9. Optionally, select Add a shortcut to this connection to my desktop.
  10. Select Finish.
    The Connect dialog opens on the desktop.
  11. Select Properties and then select the Security tab.
  12. Select IPsec Settings.
  13. Select Use pre-shared key for authentication, enter the preshared key that you configured for your VPN, and select OK.
  14. Select OK.
To check that the IPSEC service is running
  1. Open Administrative Tools through the Control Panel.
  2. Double-click Services.
  3. Look for IPSEC Services. Confirm that the Startup Type is Automatic and Status is set to Started. If needed, double-click IPSEC Services to change these settings.
To check that IPsec has not been disabled
  1. Select Start > Run.
  2. Enter regedit and select OK.
  3. Find the Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters
  4. If there is a ProhibitIPsec value, it must be set to 0.