Syntax applicable for vpn console table
config vpnmgr vpntable edit xxxx set topology star|meshed|dial set psk-auto-generate enable|disable set psksecret xxxx set ike1proposal 3des-sha1 3des-md5 … set ike1dhgroup XXXX set ike1keylifesec 28800 set ike1mode aggressive|main set ike1dpd enable|disable set ike1nattraversal enable|disable set ike1natkeepalive 10 set ike2proposal 3des-sha1 3des-md5 set ike2dhgroup 5
set ike2keylifetype seconds|kbyte|both set ike2keylifesec 1800 set ike2keylifekbs 5120 set ike2keepalive enable|disable set replay enable|disable set pfs enable|disable set ike2autonego enable|disable set fcc-enforcement enable|disable
set localid-type auto|fqdn|user-fqdn|keyid|addressasn1dn set authmethod psk|signature set inter-vdom enable|disable set certificate XXXX
next
end
Syntax applicable for vpn console node
config vpnmgr node edit “1” set vpntable “<table_name>” set role hub|spoke set iface xxxx set hub_iface xxxx
set automatic_routing enable|disable set extgw_p2_per_net enable|disable set banner xxxx
set route-overlap use-old|use-new|allow
history
set dns-mode manual|auto set domain xxxx set local-gw x.x.x.x set unity-support enable|disable set xauthtype disable|client|pap|chap|auto
set authusr xxxx set authpasswd xxxx set authusrgrp xxxx set public-ip x.x.x.x config protected_subnet edit 1 set addr xxxx xxxx … next
end
Syntax applicable for setting installation target on policy package
config firewall policy edit x
…regular policy command here…
set _scope “<dev_name>”-“<vdom_name>”
next
end
Syntax applicable for global policy config global header policy
…regular policy command here…
end config global footer policy
…regular policy command here… end
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!