Fortinet FortiWAN - Define IPSec parameters

To Next Page

To Previous Page

IPSec IPSec set up

Make sure the NAT rule and Phase 2 Quick Mode selector are equal on Source, Destination and Service. For the

details of NAT, see "NAT".

Define IPSec parameters

Go to Service > IPSec

Add Phase 1 configurations for the IPSec tunnel mode VPN between site A's WAN 1 (10.10.10.10) and site B's WAN 1

(20.20.20.20). The other parameters are not listed here.

Phase 1 Local endpoint (Site A) Remote endpoint (Site B)

Name

WAN1_WAN1_Phase1 WAN1_WAN1_Phase1

Local IP

10.10.10.10 20.20.20.20

Remote IP

20.20.20.20 10.10.10.10

Add Phase 2 configurations for the IPSec tunnel mode VPN between site A 's WAN 1 (10.10.10.10) and site B's WAN 1

(20.20.20.20). The other parameters are not listed here.

Phase 2 Local endpoint (Site A) Remote endpoint (Site B)

Name

WAN1_WAN1_Phase2 WAN1_WAN1_Phase2

Quick Mode

Source

192.168.10.0/255.255.255.0 192.168.100.0/255.255.255.0

Source Port

Any Any

Destination

192.168.100.0/255.255.255.0 192.168.10.0/255.255.255.0

Destination Port

Any Any

Protocol

Any Any

For the details of IPSec configuration, see "IPSec VPN in the Web UI".

Procedures to set up a IPSec Tunnel-mode VPN

To set up a IPSec Tunnel-mode VPN, we suggest the steps to follow as below:

Configure Network Settings on both units.

Define correspondent Auto Routing and NAT policies on both units.

Configure the settings of IPSec Tunnel mode Phase 1 and Phase 2 on both units.

202 FortiWAN Handbook

Fortinet Technologies Inc.

Other manuals for Fortinet FortiWAN