FortiGate IPSec VPN User Guide - FirewallShop.com
FortiGate IPSec VPN User Guide - FirewallShop.com
FortiGate IPSec VPN User Guide - FirewallShop.com
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Introduction<br />
About <strong>FortiGate</strong> <strong>IPSec</strong> <strong>VPN</strong>s<br />
Introduction<br />
This chapter introduces you to <strong>FortiGate</strong> <strong>VPN</strong>s and the following topics:<br />
• About <strong>FortiGate</strong> <strong>IPSec</strong> <strong>VPN</strong>s<br />
• About this document<br />
• Fortinet documentation<br />
• Customer service and technical support<br />
About <strong>FortiGate</strong> <strong>IPSec</strong> <strong>VPN</strong>s<br />
A virtual private network (<strong>VPN</strong>) is a way to use a public network, such as the<br />
Internet, to provide remote offices or individual users with secure access to private<br />
networks. For example, a <strong>com</strong>pany that has two offices in different cities, each<br />
with its own private network, can use a <strong>VPN</strong> to create a secure tunnel between<br />
the offices. Similarly, tele<strong>com</strong>muters can use <strong>VPN</strong> clients to access private data<br />
resources securely from a remote location.<br />
With the <strong>FortiGate</strong> unit’s built-in <strong>VPN</strong> capabilities, small home offices, mediumsized<br />
businesses, enterprises, and service providers can ensure the<br />
confidentiality and integrity of data transmitted over the Internet. The <strong>FortiGate</strong><br />
unit provides enhanced authentication, strong encryption, and restricted access to<br />
<strong>com</strong>pany network resources and services.<br />
<strong>FortiGate</strong> units support Internet Protocol Security (<strong>IPSec</strong>), a framework for the<br />
secure exchange of packets at the IP layer, to authenticate and encrypt traffic.<br />
<strong>FortiGate</strong> units implement the Encapsulated Security Payload (ESP) protocol in<br />
tunnel mode. The encrypted packets look like ordinary packets that can be routed<br />
through any IP network. Internet Key Exchange (IKE) is performed automatically<br />
based on preshared keys or X.509 digital certificates. As an option, you can<br />
specify manual keys.<br />
The <strong>FortiGate</strong> <strong>IPSec</strong> <strong>VPN</strong> feature is <strong>com</strong>patible with the <strong>VPN</strong> client feature of the<br />
FortiClient Host Security application. A <strong>FortiGate</strong> unit can act as a policy server,<br />
enabling FortiClient users to download and apply <strong>VPN</strong> settings automatically.<br />
Because <strong>FortiGate</strong> units support industry standard <strong>IPSec</strong> <strong>VPN</strong> technologies, you<br />
can configure an <strong>IPSec</strong> <strong>VPN</strong> between a <strong>FortiGate</strong> unit and most third-party <strong>IPSec</strong><br />
<strong>VPN</strong> devices or clients. There are articles about interoperation with some specific<br />
third-party devices on the Fortinet Knowledge Center. Otherwise, for more<br />
information about <strong>FortiGate</strong> <strong>VPN</strong> interoperability, contact Fortinet Technical<br />
Support.<br />
<strong>FortiGate</strong> <strong>IPSec</strong> <strong>VPN</strong> Version 3.0 <strong>User</strong> <strong>Guide</strong><br />
01-30005-0065-20070716 9