have a fortigate 50a, and have server 2008 in another location far from the fortigate. the server 2008 is acting as a vpn server, certain users can authenticate and connect via vpn.
in xp, they just make a new connection, vpn, put in the server's outside ip address, domain\username and password, and can connect. they can then access things by netbios, ip, etc.
NOW we want to be able to configure a fortigate 50a to connect itself to the server 2008 vpn server. note that the fortigate is NOT intended to be SERVING vpn... but it should be a client of the server2008 machine. when it connects to the vpn, we'd like LAN machines that are on the private side of the fortigate, to be able to talk to things on the private side of the server 2008 network. this already works for XP clients who connect themselves, we just want to add the functionality of a site-to-site tunnel, using the 50a
please post steps rather than pasting links to the various PDF guides out there. cite references if you want, but please please please don't just paste "look here [control-v]"