Clik here to view.
VRRP
VRRP A Virtual Router Redundancy Protocol (VRRP) configuration can be used as a high availability solution to make sure that a network maintains connectivity with the Internet (or with other networks)...
View ArticleClik here to view.
Configuring VRRP
Configuring VRRP To configure VRRP you must configure two or more FortiGate interfaces or routers with the same virtual router ID and IP address. Then these FortiGate units or routers can...
View ArticleClik here to view.
Example VRRP configuration: VRRP load balancing two FortiGate units and two...
Example VRRP configuration: VRRP load balancing two FortiGate units and two VRRP groups In this configuration two VRRP groups are involved. Each FortiGate unit participates in both of them. One...
View ArticleClik here to view.
FortiGate Session Life Support Protocol (FGSP)
FortiGate Session Life Support Protocol (FGSP) In a network that already includes load balancing (either with load balancers or routers) for traffic redundancy, two identical FortiGate units can be...
View ArticleClik here to view.
Configuring FGSP HA
Configuring FGSP HA You configure FGSP HA separately for each virtual domain to be synchronized. If virtual domain configuration is not enabled, you configure FGSP HA for the root virtual domain. When...
View ArticleChapter 14 – IPsec VPN
Chapter 14 – IPsec VPN This FortiOS Handbook chapter contains the following sections: IPsec VPN concepts explains the basic concepts that you need to understand about virtual private networks (VPNs)....
View ArticleIPsec VPN concepts
IPsec VPN concepts Virtual Private Network (VPN) technology enables remote users to connect to private computer networks to gain access to their resources in a secure way. For example, an employee...
View ArticleIPsec VPN overview
IPsec VPN overview This section provides a brief overview of IPsec technology and includes general information about how to configure IPsec VPNs using this guide. The following topics are included in...
View ArticleIPsec VPN in the web-based manager
IPsec VPN in the web-based manager To configure an IPsec VPN, use the general procedure below. With these steps, your FortiGate unit will automatically generate unique IPsec encryption and...
View ArticlePhase 2 configuration
Phase 2 configuration After IPsec Phase 1 negotiations end successfully, you begin Phase 2. You can configure the Phase 2 parameters to define the algorithms that the FortiGate unit may use to encrypt...
View ArticleFortiClient VPN
FortiClient VPN Use the FortiClient VPN for OS X, Windows, and Android VPN Wizard option when configuring an IPsec VPN for remote users to connect to the VPN tunnel using FortiClient. When...
View ArticleConcentrator
Concentrator In a hub-and-spoke configuration, policy-based VPN connections to a number of remote peers radiate from a single, central FortiGate unit. Site-to-site connections between the remote peers...
View ArticleIPsec Monitor
IPsec Monitor You can use the IPsec Monitor to view activity on IPsec VPN tunnels and start or stop those tunnels. The display provides a list of addresses, proxy IDs, and timeout information for all...
View ArticleFortiGate IPSec Phase 1 parameters
Phase 1 parameters This chapter provides detailed step-by-step procedures for configuring a FortiGate unit to accept a connection from a remote peer or dialup client. The Phase 1 parameters identify...
View ArticlePhase 2 parameters
Phase 2 parameters This section describes the Phase 2 parameters that are required to establish communication through a VPN. The following topics are included in this section: Phase 2 settings...
View ArticleClik here to view.
Defining VPN security policies
Defining VPN security policies This section explains how to specify the source and destination IP addresses of traffic transmitted through an IPsec VPN, and how to define appropriate security policies....
View ArticleClik here to view.
Gateway-to-gateway configurations
Gateway-to–gateway configurations This section explains how to set up a basic gateway-to-gateway (site-to-site) IPsec VPN. The following topics are included in this section: Configuration overview...
View ArticleClik here to view.
Dynamic DNS configuration
Dynamic DNS configuration This section describes how to configure a site-to-site VPN, in which one FortiGate unit has a static IP address and the other FortiGate unit has a domain name and a dynamic IP...
View ArticleClik here to view.
FortiClient dialup-client configurations
FortiClient dialup-client configurations The FortiClient Endpoint Security application is an IPsec VPN client with antivirus, antispam and firewall capabilities. This section explains how to configure...
View ArticleClik here to view.
FortiGate dialup-client configurations
FortiGate dialup-client configurations This section explains how to set up a FortiGate dialup-client IPsec VPN. In a FortiGate dialup-client configuration, a FortiGate unit with a static IP address...
View Article