FortiGate to SonicWall VPN setup
来源:互联网 发布:淘宝优惠卷怎么赚钱 编辑:程序博客网 时间:2024/05/01 01:21
Configure the FortiGate unit
Configure the Phase1 and Phase 2 VPN settings
To configure the Phase1 settings
- Go to VPN > IPSec > Phase 1.
- Select Create New and enter the following:
Gateway Name: SonicWall
Remote Gateway: Static IP
IP Address: ip address
Mode: Main
Authentication Method: Preshared Key
Pre-shared Key: preshared key - Select Advanced and enter the following:
Encryption: 3DES
Authentication: SHA1
DH Group: 2
Keylife: 28800
Leave all other settings as their default. - Select OK.
To configure the Phase 2 settings
- Go to VPN > IPSec > Phase 2.
- Select Create New and enter the following:
Tunnel Name: SonicWall
Remote Gateway: Select SonicWall - Select Advanced and enter the following:
Encryption: 3DES
Authentication: SHA1
DH group: 2
Keylife: 28800
Internet browsing: None
Quick Mode Identities: Use selectors from policy - Select OK.
Add a firewall policy
Add an the source and destination addresses and add an internal to external policy that includes these source and destination addresses to permit the traffic flow.
To add the addresses
- Go to Firewall > Address.
- Select Create New to create the FortiGate address.
- Enter a name for the address, for example FortiGate_network.
- Enter the FortiGate IP address and subnet.
- Select OK.
- Select Create New again to create the SonicWall address.
- Enter the name for the address, for example SonicWall_network.
- Enter the SonicWall IP address and subnet.
- Select OK.
To create a firewall policy for the VPN traffic going from the FortiGate unit to the SonicWall device
- Go to Firewall > Policy.
- Select Create New and set the following:
Source Interface: Internal
Source Address: FortiGate_network
Destination Interface: SonicWall_network
Destination Address: WAN1 (or External)
Schedule: always
Service: ANY
Action: Encrypt
VPN Tunnel: SonicWall
Select Allow inbound
Select Allow outbound - Select OK.
To create a firewall policy for the VNP traffic going from the SonicWall device to the FortiGate unit
- Go to Firewall > Policy.
- Select Create New and set the following:
Source Interface: WAN1 (or external)
Source IP address: SonicWall_network
Destination Interface: Internal
Destination Address Name: FortiGate_network
Schedule: always
Service: ANY
Action: Encrypt
VPN Tunnel: SonicWall
Select Allow inbound
Select Allow outbound - Select OK.
Configure the SonicWall Device
Create the address object for the FortiGate unit to identify the FortiGate unit's IP address for the VPN Security Association (SA).
To create an address entry
- Go to Network > Address Objects.
- Select Add and enter the following:
Name: FortiGate_network
Zone Assignment: VPN
Type: Network
Network: FortiGate IP address
Netmask: FortiGate netmask - Select OK.
Configure the VPN settings for the VPN tunnel connection.
- To configure the VPN, go to VPN.
- Ensure Enable VPN is selected in the VPN Global Settings section.
- Select Add in the VPN Policies area.
- Select the General tab and configure the following:
IPSec Keying Mode: IKE using Preshared Secret.
Name: FortiGate_network
IPSec primary Gateway Name or Address: IPSec gateway IP address
Shared Secret: Preshared
Local IKE ID: IP Address (address left empty)
Peer IKE ID: IP Address (address left empty) - Select the Network tab and configure the following:
- For the Local Networks, select Choose local network from list and select LAN Primary Subnet.
- For the Destination Networks, select Choose destination network from list and select FortiGate_network.
- Select the Proposals tab and configure the following:
IKE (Phase1) Proposal- Exchange: Main Mode
DH Group: Group 2
Encryption: 3DES
Authentication: SHA1
Life Time: 28800
IKE (Phase2) Proposal- Protocol: ESP
Encryption: 3DES
Authentication: SHA1
DH Group: Group 2
Life Time: 28800 - Select the Advanced tab and select Enable Keep Alive.
- Select OK.
- FortiGate to SonicWall VPN setup
- SonicWALL和Fortigate之间建立IPSec VPN
- WatchGuard Firebox II to FortiGate 2.8 VPN setup
- Fortigate to cisco router ipsec vpn configure!
- Fortigate SSL-VPN配置
- Configuring OpenSwan for FortiGate VPN
- Configuring OpenSwan for FortiGate VPN
- Linux下VPN(sonicwall NetExtender)安装
- Setup VPN
- How To Setup Your Own VPN With PPTP
- Making FortiGate completely invisible to probes
- VPN setup using routerOS
- How to setup VPN server (PPTP on CentOS, RedHat and Ubuntu)
- Change Switch Mode to Interface Mode in Fortigate FortiOS 5
- How To Setup MogileFS
- how to setup DatabaseMail
- How To Setup MogileFS
- how to setup mysql
- 关注HP正式及外包职位
- 最近求职经历
- FortiOS 3.0 部分网站及MSN无法登陆解决方法
- Creating redundant network interfaces with os 2.8
- Creating redundant network interfaces with os 3.0
- FortiGate to SonicWall VPN setup
- Using the FortiOS built-in packet sniffer
- FortiOS v3.0 HA Cluster virtual MAC addresses
- How do I configure a Virtual IP
- Making FortiGate completely invisible to probes
- Link Aggregation how tos
- 802.3ad Link Aggregation FAQ
- configure the logging of Denied Traffic to a FG
- 宏中"#"和"##"的用法