L2TP .............................................................................................................................. 265
Certificates ...................................................................................................................... 270
CLI configuration............................................................................................................. 275
ipsec phase1............................................................................................................... 275
ipsec phase2............................................................................................................... 277
ipsec vip ...................................................................................................................... 278
Gateway-to-gateway VPN............................................................................................... 280
Dialup VPN ..................................................................................................................... 281
Dynamic DNS VPN ......................................................................................................... 281
Manual key IPSec VPN................................................................................................... 282
Special rules ............................................................................................................... 285
Hub and spoke VPNs...................................................................................................... 286
Configuring the hub..................................................................................................... 286
Configuring spokes ..................................................................................................... 288
Redundant IPSec VPNs.................................................................................................. 289
Troubleshooting .............................................................................................................. 292
IPS ....................................................................................................................... 293
Signature......................................................................................................................... 294
Predefined................................................................................................................... 294
Custom........................................................................................................................ 298
Anomaly .......................................................................................................................... 300
Default fail open setting .................................................................................................. 304
FortiGate-400A Administration Guide
01-28006-0096-20041105
Contents
9