Vpn Spoke General Configuration Steps - Fortinet FortiGate 50A Installation And Configuration Manual
Fortinet fortigate installation and configuration guide
Hide thumbs
Also See for FortiGate 50A:
- Installation manual (52 pages) ,
- Installation manual (44 pages)
Table of Contents
Advertisement
IPSec VPN
VPN spoke general configuration steps
FortiGate-50A Installation and Configuration Guide
Figure 26: Adding a VPN concentrator
A remote VPN peer that functions as a spoke requires the following configuration:
•
A tunnel (AutoIKE phase 1 and phase 2 configuration or manual key configuration)
for the hub.
•
The source address of the local VPN spoke.
•
The destination address of each remote VPN spoke.
•
A separate outbound encrypt policy for each remote VPN spoke. These policies
allow the local VPN spoke to initiate encrypted connections.
•
A single inbound encrypt policy. This policy allows the local VPN spoke to accept
encrypted connections.
To create a VPN spoke configuration
1
Configure a tunnel between the spoke and the hub.
Choose between a manual key tunnel or an AutoIKE tunnel.
•
To add a manual key tunnel, see
•
To add an AutoIKE tunnel, see
2
Add the source address. One source address is required for the local VPN spoke.
See
"Adding a source address" on page
3
Add a destination address for each remote VPN spoke. The destination address is the
address of the spoke (either a client on the Internet or a network located behind a
gateway).
See
"Adding a destination address" on page 194
"Manual key IPSec VPNs" on page
"AutoIKE IPSec VPNs" on page
194.
IPSec VPN concentrators
181.
182.
199
- Quick Links:
- Connecting to the Web-Based Manager
Hide quick links:
Advertisement
Table of Contents
