IPsec VPN for Remote iOS Users

Video Activity

In this video, you're going to learn how to set up an IPsec VPN using the new VPN Wizard in FortiOS 5.2. Using IPsec VPN, you can provide remote iOS users with secure, encrypted access to an internal network, and routes their Internet traffic through the FortiGate so it abides by your security and firewall policies. This example uses iOS, but you c...

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
1 hour 35 minutes
Difficulty
Beginner
CEU/CPE
2
Video Description

In this video, you're going to learn how to set up an IPsec VPN using the new VPN Wizard in FortiOS 5.2. Using IPsec VPN, you can provide remote iOS users with secure, encrypted access to an internal network, and routes their Internet traffic through the FortiGate so it abides by your security and firewall policies. This example uses iOS, but you can adapt it for any VPN-capable device. Visit Fortinet's documentation library at http://docs.fortinet.com.

Video Transcription
00:00
>> In this video, you're going to learn
00:00
>> how to set up an IPsec VPN
00:00
>> using the new VPN wizard in Forti US 5.2.
00:00
>> Using IPsec VPN, you can provide remote iOS users
00:00
>> with secure encrypted access to an internal network
00:00
>> and route their internet traffic through the FortiGate
00:00
so it abides by your security and firewall policies.
00:00
This example uses iOS,
00:00
but you can adapt it for any VPN capable device.
00:00
First, go to User & Device, User Definition
00:00
to create a user with a password.
00:00
Then go to User & Device, User Groups.
00:00
Create a user group for iOS users
00:00
>> and add the user that you created.
00:00
>> Next, go to Policy & Objects, Addresses
00:00
>> to define the internal network address
00:00
>> that remote users can access.
00:00
Create a local network address,
00:00
setting the subnet IP range
00:00
and setting the interface to any.
00:00
Now go to VPN IPsec wizard to create the VPN tunnel,
00:00
name your VPN connection and select dial-up iOS native.
00:00
Then next, set the incoming interface
00:00
to the internet facing interface.
00:00
Enter a pre-shared key
00:00
and select the iOS user group from the list.
00:00
Select Next, set the local interface
00:00
>> to the internal land interface
00:00
>> and select the local address that you created.
00:00
>> Enter an IP range to be assigned to VPN users.
00:00
This will create an address range
00:00
>> that can be used in firewall policies and a policy
00:00
>> that grants VPN users access to the internal network.
00:00
>> Next, you'll need to go to Policy & Objects, Policy,
00:00
IPv4 to create a firewall policy
00:00
>> allowing remote users to access the internet securely
00:00
>> through the FortiGate unit.
00:00
>> Set the incoming interface to the VPN interface,
00:00
and the outgoing interface
00:00
>> to your internet facing interface.
00:00
>> Configure the rest as normal.
00:00
Ensure that NAT is enabled.
00:00
On the iOS device,
00:00
go to Settings, VPN and select Add VPN Configuration.
00:00
Enter the VPN address,
00:00
user account, and password in their relevant fields.
00:00
Enter the pre-shared key in the secret field.
00:00
On the FortiGate unit,
00:00
you can go to VPN IPsec monitor
00:00
to view the status of the VPN tunnel.
00:00
Remote user traffic is logged in
00:00
Log & Report, Traffic Log, Forward Traffic.
00:00
Filter the source interface column
00:00
>> for the VPN interface
00:00
>> to see VPN users accessing the internal network.
00:00
>> Thank you for watching.
00:00
If you need further details,
00:00
you can visit docs.fortinet.com at anytime
00:00
>> to access fortinet's complete documentation library.
Up Next