FortiGate IPSec VPN User Guide - FirewallShop.com
FortiGate IPSec VPN User Guide - FirewallShop.com
FortiGate IPSec VPN User Guide - FirewallShop.com
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Redundant route-based <strong>VPN</strong> configuration example<br />
Redundant <strong>VPN</strong> configurations<br />
Service<br />
Action<br />
Any<br />
ACCEPT<br />
7 Select Create New, enter the following information, and select OK:<br />
Source Interface/Zone<br />
Source Address Name<br />
Destination Interface/Zone<br />
Destination Address Name<br />
Schedule<br />
Service<br />
Action<br />
Site_1_C<br />
All<br />
Internal<br />
All<br />
Always<br />
Any<br />
ACCEPT<br />
8 Select Create New, enter the following information, and select OK:<br />
Source Interface/Zone<br />
Source Address Name<br />
Destination Interface/Zone<br />
Destination Address Name<br />
Schedule<br />
Service<br />
Action<br />
Internal<br />
All<br />
Site_1_D<br />
All<br />
Always<br />
Any<br />
ACCEPT<br />
9 Select Create New, enter the following information, and select OK:<br />
Source Interface/Zone<br />
Source Address Name<br />
Destination Interface/Zone<br />
Destination Address Name<br />
Schedule<br />
Service<br />
Action<br />
Site_1_D<br />
All<br />
Internal<br />
All<br />
Always<br />
Any<br />
ACCEPT<br />
Configuring <strong>FortiGate</strong>_2<br />
The configuration for <strong>FortiGate</strong>_2 is very similar that of <strong>FortiGate</strong>_1. You must<br />
• configure the interfaces involved in the <strong>VPN</strong><br />
• define the phase 1 configuration for each of the four possible paths, creating a<br />
virtual <strong>IPSec</strong> interface for each one<br />
• define the phase 2 configuration for each of the four possible paths<br />
• configure routes for the four <strong>IPSec</strong> interfaces, assigning the appropriate<br />
priorities<br />
• configure in<strong>com</strong>ing and outgoing firewall policies between the internal interface<br />
and each of the virtual <strong>IPSec</strong> interfaces<br />
To configure the network interfaces<br />
1 Go to System > Network > Interface.<br />
2 Select the Edit icon for the Internal interface, enter the following information and<br />
then select OK:<br />
<strong>FortiGate</strong> <strong>IPSec</strong> <strong>VPN</strong> Version 3.0 <strong>User</strong> <strong>Guide</strong><br />
92 01-30005-0065-20070716