The remote and local ends of the IPsec tunnel.To configure IPsec Phase 1 settings, go to VP N > IPsec Tunnels and edit the P h as e 1 Proposal (if it is not available, you may need to click the C on ve r t to Custom Tunnel button). The following topics are included in this section: OverviewĬhoosing the IKE version Authenticating the FortiGate unit Authenticating remote peers and clients Defining IKE negotiation parameters Using XAuth authentication The information and procedures in this section do not apply to VPN peers that perform negotiations using manual keys. You can increase access security further using peer identifiers, certificate distinguished names, group names, or the FortiGate extended authentication (XAuth) option for authentication purposes.įor more information on Phase 1 parameters in the web-based manager, see IPsec VPN in the web-based manager on page 1611. The Phase 1 parameters identify the remote peer or clients and supports authentication through preshared keys or digital certificates. This chapter provides detailed step-by-step procedures for configuring a FortiGate unit to accept a connection from a remote peer or dialup client.
0 Comments
Leave a Reply. |