Configuring the FortiGate-7000 as a dialup IPsec VPN server
IPsec VPN
config vpn ipsec phase2-interface
edit "to-fgt2"
set phase1name "to-fgt2"
set src-addr-type name
set dst-addr-type name
set src-name "local_group"
set dst-name "remote_group"
end
Configuring the FortiGate-7000 as a dialup IPsec VPN server
FortiGate-7000s running v5.4.5 can be configured as dialup IPsec VPN servers.
Example dialup IPsec VPN configuration
The following shows how to setup a dialup IPsec VPN configuration where the FortiGate-7000 acts as a dialup
IPsec VPN server.
To configure the FortiGate-7000 as a dialup IPsec VPN server:
Configure the phase1, set type to dynamic.
config vpn ipsec phase1-interface
edit dialup-server
set type dynamic
set interface "v0020"
set peertype any
set psksecret < password>
end
Configure the phase 2, to support dialup IPsec VPN, set the destination subnet to 0.0.0.0 0.0.0.0.
config vpn ipsec phase2-interface
edit dialup-server
set phase1name dialup-server
set src-subnet 4.2.0.0 255.255.0.0
set dst-subnet 0.0.0.0 0.0.0.0
end
53
FortiGate-7000
Fortinet Technologies Inc.