Fortinet FortiGate FortiGate-5001 Administration Manual page 282
Fortigate 5000 series
Hide thumbs
Also See for FortiGate FortiGate-5001:
- Quick start manual (2 pages) ,
- Introduction manual (77 pages) ,
- Quick manual (37 pages)
Table of Contents
Advertisement
CLI configuration
282
Note: The interface to the destination network must be associated with a VPN tunnel through a
firewall encryption policy (action must be set to encrypt). The policy determines which VPN
tunnel will be selected to forward traffic to the destination. When you create IPSec VIP entries,
check the encryption policy on the FortiGate interface to the destination network to ensure that
it meets your requirements.
For more information, see
Command syntax pattern
config vpn ipsec vip
edit <vip_integer>
set <keyword> <variable>
end
config vpn ipsec vip
edit <vip_integer>
unset <keyword>
end
config vpn ipsec vip
delete <vip_integer>
end
get vpn ipsec vip [<vip_integer>]
show vpn ipsec vip [<vip_integer>]
ipsec vip command keywords and variables
Keywords and variables
ip <address_ipv4>
out-interface
<interface-name_str>
Example
The following commands add IPSec VIP entries for two remote hosts that can be
accessed by a FortiGate unit through an IPSec VPN tunnel on the external
interface of the FortiGate unit. Similar commands must be entered on the FortiGate
unit at the other end of the IPSec VPN tunnel.
config vpn ipsec vip
edit 1
set ip 192.168.12.1
set out-interface external
next
edit 2
set ip 192.168.12.2
set out-interface external
end
01-28008-0013-20050204
"Configuring IPSec virtual IP addresses" on page
Description
The IP address of the destination
host on the destination network.
The name of the FortiGate interface
to the destination network.
VPN
283.
Default
Availability
0.0.0.0 All models.
null
All models.
Fortinet Inc.
Advertisement
Table of Contents
