Vpn Configuration Procedures; Ipsec Configuration Procedures - Fortinet FortiGate FortiGate-60M Administration Manual
Version 2.80 mr7 antivirus firewalls
Hide thumbs
Also See for FortiGate FortiGate-60M:
- Quick start manual (2 pages) ,
- Installation manual (64 pages)
Table of Contents
Advertisement
VPN configuration procedures
VPN configuration procedures
IPSec configuration procedures
268
The
FortiGate VPN Guide
procedures needed to create different types of VPN configurations. The guide
contains the following chapters:
•
"Configuring IPSec VPNs" describes how to set up various IPSec VPN
configurations.
•
"Configuring PPTP VPNs" describes how to configure a PPTP tunnel between a
FortiGate unit and a PPTP client.
•
"Configuring L2TP VPNs" describes how to configure the FortiGate unit to operate
as an L2TP network server.
•
"Monitoring and Testing VPN Tunnels" outlines some general monitoring and
testing procedures for VPNs.
General high-level procedures are presented here. For details, see the
Guide.
The following configuration procedures are common to all IPSec VPNs:
1
Define the phase 1 parameters that the FortiGate unit needs to authenticate remote
peers and establish a secure a connection. See
2
Define the phase 2 parameters that the FortiGate unit needs to create a VPN tunnel
with a remote peer. See
3
Define source and destination addresses for the IP packets that are to be transported
through the VPN tunnel, and create the firewall encryption policy, which defines the
scope of permitted services between the IP source and destination addresses. See
"Adding firewall policies for IPSec VPN tunnels" on page
Note: Perform Steps 1 and 2 to have the FortiGate unit generate unique IPSec encryption and
authentication keys automatically. In situations where a remote VPN peer requires a specific
IPSec encryption and/or authentication key, you must configure the FortiGate unit to use
manual keys instead of performing Steps 1 and 2. For more information, see
page
255.
Adding firewall policies for IPSec VPN tunnels
Firewall policies control all IP traffic passing between a source address and a
destination address. A firewall encryption policy is needed to allow the transmission of
encrypted packets, specify the permitted direction of VPN traffic, and select the VPN
tunnel that will be subject to the policy. A single encryption policy is needed to control
both inbound and outbound IP traffic through a VPN tunnel.
Before you define the policy, you must first specify the IP source and destination
addresses.
To define an IP source address
1
Go to Firewall > Address and select Create New.
uses a task-based approach to provide all of the
"Phase 2" on page
01-28007-0144-20041217
"Phase 1" on page
252.
268.
VPN
FortiGate VPN
248.
"Manual key" on
Fortinet Inc.
Advertisement
Table of Contents
