Fortinet FortiGate 4000 User Guide

In the VPN Server Selection dialog, enter the IP address or host name of the 
FortiGate unit to connect to and select Next.

Select Finish.

Right-click the icon that you have created.

Select Properties > Security.

Select Typical to configure typical settings.

Select Require data encryption.

Select Advanced to configure advanced settings.

Select Settings.

Select Challenge Handshake Authentication Protocol (CHAP).

Make sure that none of the other settings are selected.

Select the Networking tab.

Make sure that the following options are selected:
• TCP/IP
• QoS Packet Scheduler

Make sure that the following options are not selected:
• File and Printer Sharing for Microsoft Networks
• Client for Microsoft Networks

Select the Networking tab.

Select Internet Protocol (TCP/IP) properties.

Double-click the Advanced tab.

Go to the Options tab and select IP security properties.

Make sure that Do not use IPSec is selected.

Select OK and close the connection properties window.

Use the registry editor (regedit) to locate the following key in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasman\
Parameters

Note: If a RADIUS server is used for authentication do not select Require data encryption. 
L2TP encryption is not supported for RADIUS server authentication.

Note: The default Windows XP L2TP traffic policy does not allow L2TP traffic without IPSec 
encryption. You can disable default behavior by editing the Windows XP Registry as described 
in the following steps. See the Microsoft documentation for editing the Windows Registry.