FortiGate IPSec VPN User Guide - FirewallShop.com
FortiGate IPSec VPN User Guide - FirewallShop.com
FortiGate IPSec VPN User Guide - FirewallShop.com
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Contents<br />
Manual-key configurations .......................................................... 111<br />
Configuration overview................................................................................. 111<br />
Specify the manual keys for creating a tunnel .......................................... 112<br />
IPv6 <strong>IPSec</strong> <strong>VPN</strong>s ............................................................................ 115<br />
Overview of IPv6 <strong>IPSec</strong> support................................................................... 115<br />
Certificates ................................................................................................ 116<br />
Configuring IPv6 <strong>IPSec</strong> <strong>VPN</strong>s....................................................................... 116<br />
Phase 1 configuration ............................................................................... 116<br />
Phase 2 configuration ............................................................................... 116<br />
Firewall policies......................................................................................... 116<br />
Routing...................................................................................................... 117<br />
Site-to-site IPv6 over IPv6 <strong>VPN</strong> example..................................................... 117<br />
Configure <strong>FortiGate</strong> A interfaces .............................................................. 117<br />
Configure <strong>FortiGate</strong> A <strong>IPSec</strong> settings ....................................................... 118<br />
Configure <strong>FortiGate</strong> A firewall policies...................................................... 118<br />
Configure <strong>FortiGate</strong> A routing ................................................................... 119<br />
Configure <strong>FortiGate</strong> B ............................................................................... 119<br />
Site-to-site IPv4 over IPv6 <strong>VPN</strong> example..................................................... 120<br />
Configure <strong>FortiGate</strong> A interfaces .............................................................. 120<br />
Configure <strong>FortiGate</strong> A <strong>IPSec</strong> settings ....................................................... 121<br />
Configure <strong>FortiGate</strong> A firewall policies...................................................... 121<br />
Configure <strong>FortiGate</strong> A routing ................................................................... 122<br />
Configure <strong>FortiGate</strong> B ............................................................................... 122<br />
Site-to-site IPv6 over IPv4 <strong>VPN</strong> example..................................................... 124<br />
Configure <strong>FortiGate</strong> A interfaces .............................................................. 124<br />
Configure <strong>FortiGate</strong> A <strong>IPSec</strong> settings ....................................................... 124<br />
Configure <strong>FortiGate</strong> A firewall policies...................................................... 125<br />
Configure <strong>FortiGate</strong> A routing ................................................................... 125<br />
Configure <strong>FortiGate</strong> B ............................................................................... 125<br />
Auto Key phase 1 parameters ..................................................... 127<br />
Overview......................................................................................................... 127<br />
Defining the tunnel ends............................................................................... 128<br />
Choosing main mode or aggressive mode ................................................. 128<br />
Authenticating the <strong>FortiGate</strong> unit ................................................................ 129<br />
Authenticating the <strong>FortiGate</strong> unit with digital certificates .......................... 129<br />
Authenticating the <strong>FortiGate</strong> unit with a pre-shared key ........................... 130<br />
Authenticating remote peers and clients ................................................... 131<br />
Enabling <strong>VPN</strong> access for specific certificate holders ............................... 132<br />
Before you begin ................................................................................ 132<br />
Enabling <strong>VPN</strong> access by peer identifier.................................................... 134<br />
Enabling <strong>VPN</strong> access using user accounts and pre-shared keys............. 135<br />
<strong>FortiGate</strong> <strong>IPSec</strong> <strong>VPN</strong> Version 3.0 <strong>User</strong> <strong>Guide</strong><br />
6 01-30005-0065-20070716