IPSec Hub-and-spoke configurations

Hub-and-spoke configurations This section describes how to set up hub-and-spoke IPsec VPNs. The following topics are included in this section: Configuration overview Configure the hub Configure the spokes Dynamic spokes configuration example Configuration overview In a hub-and-spoke configuration, VPN connections radiate from a central FortiGate unit (the hub) to a number of remote peers (the […]

IPSec Gateway-to-gateway

Gateway-to-gateway This section explains how to set up a basic gateway-to-gateway (site-to-site) IPsec VPN. The following topics are included in this section: Configuration overview Gateway-to-gateway configuration How to work with overlapping subnets Testing Configuration overview In a gateway-to-gateway configuration, two FortiGate units create a VPN tunnel between two separate private networks. All traffic between the […]

Defining VPN security policies

Defining VPN security policies This section explains how to specify the source and destination IP addresses of traffic transmitted through an IPsec VPN, and how to define appropriate security policies. The following topics are included in this section: Defining policy addresses Defining security policies for policy-based and route-based VPNs Defining policy addresses A VPN tunnel […]

IPSec Phase 2 parameters

Phase 2 parameters This section describes the Phase 2 parameters that are required to establish communication through a VPN. The following topics are included in this section: Phase 2 settings Configuring the Phase 2 parameters Phase 2 settings After IPsec VPN Phase 1 negotiations complete successfully, Phase 2 negotiation begins. Phase 2 parameters define the […]

IPSec Phase 1 parameters

Phase 1 parameters This chapter provides detailed step-by-step procedures for configuring a FortiGate unit to accept a connection from a remote peer or dialup client. The Phase 1 parameters identify the remote peer or clients and supports authentication through preshared keys or digital certificates. You can increase access security further using peer identifiers, certificate distinguished […]

FortiOS 5.4.6 Release Notes

Introduction This document provides the following information for FortiOS 5.4.6 build 1165: FortiGate FG-30D, FG-30E, FG-30D-POE, FG-50E, FG-51E, FG-60D, FG-60D-POE, FG-70D, FG-70D-POE, FG-80C, FG-80CM, FG-80D, FG-90D, FG-90D-POE, FG-92D, FG94D-POE, FG-98D-POE, FG-100D, FG-140D, FG-140D-POE, FG- 200D, FG-200DPOE, FG-240D, FG-240D-POE, FG-280D-POE, FG-300D, FG-400D, FG-500D, FG- 600C, FG-600D, FG-800C, FG-800D, FG-900D, FG-1000C, FG-1000D, FG-1200D, FG-1500D, FG-1500DT, FG-3000D, FG-3100D, […]

IPsec VPN overview

IPsec VPN overview This section provides a brief overview of IPsec technology and includes general information about how to configure IPsec VPNs using this guide. The following topics are included in this section: Types of VPNs Planning your VPN General preparation steps How to use this guide to configure an IPsec VPN   VPN configurations […]