Example PPTP Range configuration
When using a RADIUS server for user authentication, PPTP and L2TP encryption is not supported and
you should not select Require data encryption when configuring Windows clients for PPTP or L2TP.
•
Add the addresses from the PPTP address range to the external interface address list. The
addresses can be grouped into an external address group.
•
Add the addresses to which PPTP users can connect to the internal interface. The addresses can be
grouped into an address group.
•
Add an Ext -> Int policy to allow PPTP clients to connect through the DFL-500 NPG.
Configure the policy as follows:
Source
The address group that matches the PPTP address range.
Destination The address to which PPTP users can connect.
The service that matches the traffic type inside the PPTP VPN tunnel. For example, if PPTP
Service
users can access a web server, select HTTP.
Action
ACCEPT
NAT
Select NAT if address translation is required.
You can also configure traffic shaping, logging, and web filter settings for PPTP policies.
For information about adding firewall policies, see
DFL-500 User Manual
Adding NAT/Route mode
policies.
68