EasyManuals Logo

Fortinet FortiGate Series Administration Guide

Fortinet FortiGate Series
764 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #617 background imageLoading...
Page #617 background image
IPSec VPN Auto Key
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 617
http://docs.fortinet.com/Feedback
Figure 379: Phase 1 advanced settings
Enable IPSec Interface
Mode
This is available in NAT/Route mode only.
Create a virtual interface for the local end of the VPN tunnel. Select this
option to create a route-based VPN, clear it to create a policy-based
VPN.
IKE Version Select the version of IKE to use: 1 or 2. The default is 1. This is available
only if IPsec Interface Mode is enabled. For more information about IKE
v2, refer to RFC 4306.
IKE v2 is not available if Mode is Aggressive.
When IKE Version is 2, Mode and XAUTH are not available.
IPv6 Version Select if you want to use IPv6 addresses for the remote gateway and
interface IP addresses. This is available only when Enable IPSec
Interface Mode is enabled and IPv6 Support is enabled in the
administrative settings.
Local Gateway IP If you selected Enable IPSec Interface Mode, specify an IP address for
the local end of the VPN tunnel. Select one of the following:
Main Interface IP — The FortiGate unit obtains the IP address of the
interface from the network interface settings. For more information, see
“Configuring interfaces” on page 177.
Specify — You can specify a secondary address of the interface
selected in the phase 1 Local Interface field. For more information, see
“Local Interface” on page 615.
You cannot configure Interface mode in a Transparent mode VDOM.
P1 Proposal Select the encryption and authentication algorithms used to generate
keys for protecting negotiations.
Add or delete encryption and authentication algorithms as required.
Select a minimum of one and a maximum of three combinations. The
remote peer or client must be configured to use at least one of the
proposals that you define.
Select one of the following symmetric-key algorithms:
DES — Digital Encryption Standard, a 64-bit block algorithm that uses a
56-bit key.
3DES — Triple-DES, in which plain text is encrypted three times by three
keys.
AES128a 128-bit block Cipher Block Chaining (CBC) algorithm that
uses a 128-bit key.
AES192a 128-bit block Cipher Block Chaining (CBC) algorithm that
uses a 192-bit key.
AES256a 128-bit block Cipher Block Chaining (CBC) algorithm that
uses a 256-bit key.
Add
Delete

Table of Contents

Other manuals for Fortinet FortiGate Series

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Install Guide
Install Guide51 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Fortinet FortiGate Series and is the answer not in the manual?

Fortinet FortiGate Series Specifications

General IconGeneral
ModelFortiGate Series
CategoryFirewall
ThroughputVaries by model
InterfacesVaries by model
Concurrent SessionsVaries by model
VPN SupportYes
High AvailabilityYes
Firewall ThroughputVaries by model
VPN ThroughputVaries by model
IPS ThroughputVaries by model
NGFW ThroughputVaries by model
Threat Protection ThroughputVaries by model
New Sessions per SecondVaries by model
Power SupplyVaries by model
Security FeaturesFirewall, IPS, Application Control, Web Filtering, Antivirus, VPN
Virtual DomainsYes
Form FactorDesktop, Rackmount

Related product manuals