VPN IPSEC Auto Key
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102 293
Figure 178:New Phase 2
Defining phase 2 advanced settings
In phase 2, the FortiGate unit and the VPN peer or client exchange keys again to
establish a secure communication channel between them. The P2 Proposal
parameters select the encryption and authentication algorithms needed to
generate keys for protecting the implementation details of Security Associations
(SAs). The keys are generated automatically using a Diffie-Hellman algorithm.
A number of additional advanced phase 2 settings are available to enhance the
operation of the tunnel. To modify IPSec phase 2 advanced parameters, go to
VPN > IPSEC Auto Key (IKE), select Create Phase 2, and then select Advanced.
Figure 179:Phase 2 advanced settings
Name Type a name to identify the phase 2 configuration.
Phase 1 Select the phase 1 tunnel configuration. See “Creating a new phase 1
configuration” on page 287. The phase 1 configuration describes how
remote VPN peers or clients will be authenticated on this tunnel, and how
the connection to the remote peer or client will be secured.
Advanced Define advanced phase 2 parameters. See “Defining phase 2 advanced
settings” on page 293.
Add
To Next Page
Loading...
Need help?
General