IPsec VPN with FortiClient

Video Activity

In this video, you will learn how to provide a group of remote users with secure encrypted access to the corporate network using the IPsec VPN Wizard. The tunnel provides group members with encrypted access to the internal network, and forces them through the FortiGate unit for secure Internet access. Visit Fortinet's documentation library at http:...

Join over 3 million cybersecurity professionals advancing their career

Sign up with

Required fields are marked with an *

or

Sign up with Google

Sign up with Apple

Sign up with Microsoft

View all SSO options

Already have an account? Sign In »

Fortinet Fortigate Cookbook

Course

Time

1 hour 35 minutes

Difficulty

Beginner

CEU/CPE

2

Video Description

In this video, you will learn how to provide a group of remote users with secure encrypted access to the corporate network using the IPsec VPN Wizard. The tunnel provides group members with encrypted access to the internal network, and forces them through the FortiGate unit for secure Internet access. Visit Fortinet's documentation library at http://docs.fortinet.com or our video portal at http://video.fortinet.com.

Video Transcription

00:00

>> In this video, you will learn how to

00:00

provide a group of remote users with

00:00

secure encrypted access to

00:00

the corporate network using the IPSec VPN wizard.

00:00

The tunnel provides group members

00:00

with encrypted access to

00:00

the internal network and forces them through

00:00

the FortiGate unit for secure Internet access.

00:00

First, go to user and device, user,

00:00

user definition, and create a new local user.

00:00

For the username enter, Alice.

00:00

Enter a safe password.

00:00

Add the e-mail address.

00:00

Select enable.

00:00

Then go to user and device, user,

00:00

user groups, and create a user group for remote users.

00:00

Then add the user you created to the group.

00:00

Next, go to policy and objects,

00:00

objects, addresses, and

00:00

add a firewall address for the local LAN.

00:00

Make sure that you include

00:00

the subnet and local interface.

00:00

Go to VPN, IPSec, wizard,

00:00

and create a new IPSec VPN tunnel using the wizard.

00:00

Name the VPN connection.

00:00

Select dialup FortiClient for Windows,

00:00

Mac OS, and Android and click next.

00:00

Set incoming interface to

00:00

>> the internet facing interface.

00:00

>> Set authentication method to pre-shared key.

00:00

The pre-shared key is a credential for

00:00

the VPN and should differ from the user's password.

00:00

Select your IPSec VPN user group and then click next.

00:00

Set local interface to

00:00

the internal interface and

00:00

set local address to the local LAN.

00:00

For the client address range,

00:00

enter an IP range that will be assigned to VPN users.

00:00

Click next and for

00:00

your client options, select save password.

00:00

FortiOS automatically creates a new firewall object

00:00

for the VPN tunnel.

00:00

It also creates a security policy to allow

00:00

remote users to access the internal network.

00:00

Next, go to policy and objects,

00:00

policy, IPv4,

00:00

and create a security policy to allow

00:00

remote users to access

00:00

the internet securely through the FortiGate unit.

00:00

Set incoming interface to

00:00

the tunnel interface and set source address to all.

00:00

Set outgoing interface to WAN

00:00

1 and destination address to all.

00:00

Set service to all and ensure that you enable NAT.

00:00

Next, open FortiClient.

00:00

Go to remote access and add a new connection.

00:00

Provide a connection name and set type to IPSec VPN.

00:00

Set remote gateway to the FortiGate IP address.

00:00

Set authentication method to

00:00

pre-shared key and enter the key. Click, okay.

00:00

Select the new connection and enter

00:00

the username and password and click connect.

00:00

Once the connection is established,

00:00

the FortiGate assigns the user an IP address.

00:00

FortiClient displays the connection status,

00:00

which includes the IP address,

00:00

duration, and bytes sent and received.

00:00

Open a browser and ensure that you

00:00

can successfully reach a server.

00:00

This example displays an XAMPP web server.

00:00

Then on the FortiGate unit, go to VPN,

00:00

monitor, IPSec monitor,

00:00

and verify the status of the tunnel.

00:00

Go to log and report,

00:00

traffic log, forward traffic to view the traffic.

00:00

Select an entry to view more information.

00:00

Thank you for watching.

00:00

For more information,

00:00

you can access Fortinet complete

00:00

documentation library at docs.fortinet.com.

Up Next

IPsec VPN for Remote iOS Users

Protect Server IPSDoS

High Availability

Web Filtering Quotas

Similar Content

Fortinet Fortigate Cookbook

Fortinet Fortigate Cookbook

Security engineers and systems administrators need to know how to protect their networks. This Fortinet ...

2CEUs

Fortinet FortiWeb Cloud WAF-as-a-Service

Fortinet FortiWeb Cloud WAF-as-a-Service

Do you have AWS navigation skills, but want to learn about FortiWeb? This course will ...

1CEUs

CISO Competency - Innovation

CISO Competency - Innovation

This is the first course in Ed Amoroso's Twelve Competencies of the Effective CISO, which ...

1CEUs