FortiGate IPSec VPN User Guide - FirewallShop.com
FortiGate IPSec VPN User Guide - FirewallShop.com
FortiGate IPSec VPN User Guide - FirewallShop.com
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>FortiGate</strong> dialup-client configuration steps<br />
<strong>FortiGate</strong> dialup-client configurations<br />
• Computers on the private network behind the <strong>FortiGate</strong> dialup client can obtain<br />
IP addresses either from a DHCP server behind the <strong>FortiGate</strong> dialup client, or<br />
a DHCP server behind the <strong>FortiGate</strong> dialup server.<br />
• If the DHCP server resides on the network behind the dialup client, the<br />
DHCP server must be configured to assign IP addresses that do not match<br />
the private network behind the <strong>FortiGate</strong> dialup server.<br />
• If the DHCP server resides on the network behind the <strong>FortiGate</strong> dialup<br />
server, the DHCP server must be configured to assign IP addresses that do<br />
not match the private network behind the <strong>FortiGate</strong> dialup client. In addition,<br />
the <strong>FortiGate</strong> dialup client routing table must contain a static route to the<br />
DHCP server (see the “Router Static” chapter of the <strong>FortiGate</strong><br />
Administration <strong>Guide</strong>).<br />
<strong>FortiGate</strong> dialup-client configuration steps<br />
The procedures in this section assume that <strong>com</strong>puters on the private network<br />
behind the <strong>FortiGate</strong> dialup client obtain IP addresses from a local DHCP server.<br />
The assigned IP addresses do not match the private network behind the <strong>FortiGate</strong><br />
dialup server.<br />
Note: In situations where IP-address overlap between the local and remote private<br />
networks is likely to occur, <strong>FortiGate</strong> DHCP relay can be configured on the <strong>FortiGate</strong> dialup<br />
client to relay DHCP requests to a DHCP server behind the <strong>FortiGate</strong> dialup server. For<br />
more information, see “To configure DHCP relay on the <strong>FortiGate</strong> unit” on page 62.<br />
Configuring dialup client capability for <strong>FortiGate</strong> dialup clients involves the<br />
following general configuration steps:<br />
• Determine which IP addresses to assign to the private network behind the<br />
<strong>FortiGate</strong> dialup client, and add the IP addresses to the DHCP server behind<br />
the <strong>FortiGate</strong> dialup client. Refer to the software supplier’s documentation to<br />
configure the DHCP server.<br />
• Configure the <strong>FortiGate</strong> dialup server. See “Configure the server to accept<br />
<strong>FortiGate</strong> dialup-client connections” on page 75.<br />
• Configure the <strong>FortiGate</strong> dialup client. See “Configure the <strong>FortiGate</strong> dialup<br />
client” on page 76.<br />
<strong>FortiGate</strong> <strong>IPSec</strong> <strong>VPN</strong> Version 3.0 <strong>User</strong> <strong>Guide</strong><br />
74 01-30005-0065-20070716