There is no PPTP VPN Server on the NGFW, but it does offer a similar option via the IPSec Application called L2TP. This allows you to use the same VPN client built into Windows that you would with PPTP.
Configuring L2TP on NGFW
To use L2TP you need IPSec VPN on the NGFW. Once that is installed follow these steps to get it running:
- Go to IPSec VPN > Settings > VPN Options, check Enable L2TP Server
- If you wish, you can change the Address Pool, but it must be a unique subnet that is not already defined on the NGFW.
- Specify an IPSec secret. This will need to be added to the VPN client on the user computers as a second level of authentication.
- If you want to be able to connect on more than one external IP address, or if you want to use an address that is not the Primary WAN, you can change it in the Server Listen Addresses field.
- Click Apply and then Ok.
- Go to Config > Local Directory.
- Add all of the users you want to be able to use L2TP. The username and password you specify here will be what they use to connect to the VPN.
Configuring L2TP on Windows Computer
The last step is configuring the VPN Client itself. For most versions of Windows you can use these instructions:
- Go to Start > Control Panel > Network Connections. In newer versions of Windows, Network Connections is usually found under Start > Control Panel > Network and Sharing Center.
- If you have no VPN Connection on the PC, click "Connect to a Network". Otherwise right-click the VPN Connection and select Properties.
- Go to the Security tab.
- Change Type of VPN to "Layer 2 Tunneling Protocol with IPSec (L2TP/IPSec)".
- Click the Advanced Settings button.
- Select Use preshared key for authentication and type in the secret you put in on step 3 above.
- Click OK twice.
- Type your username and password and click Connect.