fortigate-ipsec-40-mr3
fortigate-ipsec-40-mr3
fortigate-ipsec-40-mr3
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Authenticating remote peers and clients Auto Key phase 1 parameters<br />
To authenticate dialup clients using unique preshared keys and/or peer IDs<br />
1 At the FortiGate VPN server, go to VPN > IPsec > Auto Key (IKE).<br />
2 In the list, select the Edit icon of a phase 1 configuration to edit its parameters.<br />
3 If the clients have unique peer IDs, set Mode to Aggressive.<br />
4 Clear the Pre-shared Key field.<br />
The user account password will be used as the preshared key.<br />
5 Select Accept peer ID in dialup group and then select the group name from the list of<br />
user groups.<br />
6 Select OK.<br />
Follow this procedure to add a unique pre-shared key and unique peer ID to an existing<br />
FortiClient configuration.<br />
To configure FortiClient - pre-shared key and peer ID<br />
1 Start the FortiClient Endpoint Security application.<br />
2 Go to VPN > Connections, select the existing configuration.<br />
3 Select Advanced > Edit.<br />
4 In the Preshared Key field, type the FortiGate password that belongs to the dialup<br />
client (for example, 1234546).<br />
The user account password will be used as the preshared key.<br />
5 Select Advanced.<br />
6 Under Policy, select Config.<br />
7 In the Local ID field, type the FortiGate user name that you assigned previously to the<br />
dialup client (for example, FortiC1ient1).<br />
8 Select OK to close all dialog boxes.<br />
Configure all FortiClient dialup clients this way using unique preshared keys and local<br />
IDs.<br />
Follow this procedure to add a unique pre-shared key to an existing FortiClient<br />
configuration.<br />
To configure FortiClient - preshared key only<br />
1 Start the FortiClient Endpoint Security application.<br />
2 Go to VPN > Connections, select the existing configuration<br />
3 Select Advanced > Edit.<br />
4 In the Preshared Key field, type the user name, followed by a “+” sign, followed by the<br />
password that you specified previously in the user account settings on the FortiGate<br />
unit (for example, FC2+1FG6LK)<br />
5 Select OK to close all dialog boxes.<br />
Configure all the FortiClient dialup clients this way using their unique peer ID and<br />
pre-shared key values.<br />
IPsec VPNs for FortiOS 4.0 MR3<br />
48 01-434-112804-20120111<br />
http://docs.fortinet.com/