Fortinet FortiGate FortiGate-800 Installation And Configuration Manual page 237

Fortinet network device installation and configuration guide

Hide thumbs Also See for FortiGate FortiGate-800:

Administration manual (392 pages)

Install manual (64 pages)

Technical note (12 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

Table of Contents

IPSec VPN

FortiGate-800 Installation and Configuration Guide

Configure the Local ID the that the FortiGate unit sends to the remote VPN peer.

•

Preshared key: If the FortiGate unit is functioning as a client and uses its ID to

authenticate itself to the remote VPN peer, enter an ID. If no ID is specified, the

FortiGate unit transmits its IP address.

•

RSA Signature: No entry is required because the Local ID field contains the

Distinguished Name (DN) of the certificate associated with this phase 1

configuration. The DN identifies the owner of the certificate and includes, as a

minimum, a Common Name (CN). The DN is transmitted in place of an ID or IP

address.

Configuring advanced options

To configure phase 1 advanced options

Select Advanced Options.

Select a Peer Option if you want to authenticate remote VPN peers by the ID that they

transmit during phase 1.

Accept any peer ID

Accept this peer ID

Accept peer ID in dialup group Select to authenticate each remote VPN peer with a unique

Optionally, configure XAuth.

XAuth (IKE eXtended Authentication) authenticates VPN peers at the user level. If the

the FortiGate unit (the local VPN peer) is configured as an XAuth server, it

authenticates remote VPN peers by referring to a user group. The users contained in

the user group can be configured locally on the FortiGate unit or on remotely located

LDAP or RADIUS servers. If the FortiGate unit is configured as an XAuth client, it

provides a user name and password when it is challenged.

Name

Password

Select to accept any peer ID (and therefore not authenticate

remote VPN peers by peer ID).

Select to authenticate a specific VPN peer or a group of VPN

peers with a shared user name (ID) and password (pre-

shared key). Also add the peer ID.

user name (ID) and password (pre-shared key). Also select

a dialup group (user group).

Configure the user group prior to configuring this peer

option.

XAuth: Enable as a Client

Enter the user name the local VPN peer uses to authenticate itself to the

remote VPN peer.

Enter the password the local VPN peer uses to authenticate itself to the

remote VPN peer.

AutoIKE IPSec VPNs

237

Table of Contents

Show Quick Links

Quick Links:
Connecting to the Web-Based Manager

Hide quick links:

Table of Contents

Fortinet FortiGate FortiGate-800 Installation And Configuration Manual page 237

Hide quick links:

Related Manuals for Fortinet FortiGate FortiGate-800

Related Products for Fortinet FortiGate FortiGate-800

Table of Contents