IPsec protocol improvements What’s new in FortiOS Version 4.0 MR1
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
config vpn ipsec phase2
config vpn ipsec phase2-interface
Support for SHA256
In FortiOS 4.0 MR1, you can use the SHA256 authentication digest, which is more secure
than the SHA1 and MD5 algorithms. The SHA256 option is available in the following
web-based manager locations:
• P1 Proposal, Authentication in VPN > IPsec > Auto Key (IKE) > Create Phase 1
• P2 Proposal, Authentication in VPN > IPsec > Auto Key (IKE) > Create Phase 2
• Authentication Algorithm, in VPN > IPsec > Manual Key > Create New
The equivalent settings in the CLI are:
• config vpn ipsec phase1 or config vpn ipsec phase1-interface
    edit <gateway_name>
    set proposal <encryption_combination>
  You can set the authentication portion of <encryption_combination> to SHA256,
  for example 3des-sha256.
• config vpn ipsec phase2 or config vpn ipsec phase2-interface
    edit <tunnel_name>
    set proposal <encryption_combination>
  You can set the authentication portion of <encryption_combination> to SHA256,
  for example 3des-sha256.
• config vpn ipsec manualkey
    edit <tunnel_name>
    set authentication <authentication_algorithm>
  You can set <authentication_algorithm> to sha256.
• config vpn ipsec manualkey-interface
    edit <tunnel_name>
    set auth-alg <authentication_algorithm>
  You can set <authentication_algorithm> to sha256.
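The following script is an added example, not part of the Administration Guide or any Fortinet tool. It reads a saved CLI configuration and reports every IPsec entry whose digest setting, in the sections listed above, still uses MD5 or SHA1. The edit/next/end layout, the space-separated proposal list, and the entry names in the sample are assumptions constructed for illustration.

```python
import re

# Sections and the keyword that carries the digest in each, as listed on this page.
DIGEST_SETTINGS = {
    "phase1": "proposal", "phase1-interface": "proposal",
    "phase2": "proposal", "phase2-interface": "proposal",
    "manualkey": "authentication", "manualkey-interface": "auth-alg",
}
WEAK = {"md5", "sha1"}  # digests the page describes as less secure than SHA256

def audit_ipsec_digests(config_text):
    """Return (section, entry, value) for each digest setting using MD5 or SHA1."""
    findings, section, entry = [], None, None
    for raw in config_text.splitlines():
        line = raw.strip()
        m = re.fullmatch(r"config vpn ipsec (\S+)", line)
        if m:
            section, entry = m.group(1), None
        elif line == "end":
            section = entry = None
        elif section in DIGEST_SETTINGS and line.startswith("edit "):
            entry = line[5:].strip().strip('"')
        elif section in DIGEST_SETTINGS and line.startswith("set "):
            parts = line.split()
            if len(parts) >= 3 and parts[1] == DIGEST_SETTINGS[section]:
                for value in parts[2:]:
                    # Proposals look like 3des-sha256; manual keys give the digest alone.
                    digest = value.rsplit("-", 1)[-1].lower()
                    if digest in WEAK:
                        findings.append((section, entry, value))
    return findings

# Constructed sample configuration (hypothetical entry names, assumed layout).
SAMPLE_CONFIG = '''
config vpn ipsec phase1-interface
    edit "branch-gw"
        set proposal 3des-sha256 3des-sha1
    next
end
config vpn ipsec manualkey
    edit "legacy-tun"
        set authentication md5
    next
end
'''

if __name__ == "__main__":
    for section, entry, value in audit_ipsec_digests(SAMPLE_CONFIG):
        print(f"{section} / {entry}: {value} should be moved to SHA256")
```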