Site-to-Site IPsec VPN

Video Activity

In this video, you will create a route-based IPsec VPN to allow transparent communication between two different networks, each located behind a FortiGate. The VPN will be created on both FortiGates by using the VPN Wizard's Site to Site FortiGate template. Visit Fortinet's documentation library at http://docs.fortinet.com or our cookbook site at ht...

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
1 hour 35 minutes
Difficulty
Beginner
CEU/CPE
2
Video Description

In this video, you will create a route-based IPsec VPN to allow transparent communication between two different networks, each located behind a FortiGate. The VPN will be created on both FortiGates by using the VPN Wizard's Site to Site FortiGate template. Visit Fortinet's documentation library at http://docs.fortinet.com or our cookbook site at http://cookbook.fortinet.com.

Video Transcription
00:00
>> In this video, you will create a rout- based
00:00
IPsec VPN to allow
00:00
transparent communication between
00:00
>> two different networks,
00:00
>> each located behind a FortiGate.
00:00
The VPN will be created on both FortiGates using
00:00
the VPN wizard's site-to-site FortiGate template.
00:00
In this video, one office will be referred to as HQ,
00:00
and the other will be referred to as Branch.
00:00
On the HQ FortiGate, go to VPN,
00:00
IPsec, Wizard and select Site to Site - FortiGate.
00:00
Set the Branch FortiGate's IP as the remote gateway.
00:00
After you enter the gateway,
00:00
an available interface will be
00:00
assigned as the outgoing interface.
00:00
If you wish to use a different interface,
00:00
>> select Change.
00:00
>> Set a secure pre-shared key.
00:00
Set Local interface to your LAN interface.
00:00
The Local Subnet will be added automatically.
00:00
Set Remote Subnets to
00:00
the Branch FortiGate's Local Subnet.
00:00
A summary page shows
00:00
the configuration created by the wizard,
00:00
including firewall addresses,
00:00
firewall address groups,
00:00
a static route, and security policies.
00:00
You can select any of these objects
00:00
to view its configuration.
00:00
On the Branch FortiGate,
00:00
go to VPN, IPsec,
00:00
Wizard, and select Site-to-Site - FortiGate.
00:00
Set the HQ FortiGate's IP as the remote gateway.
00:00
As you enter the gateway
00:00
an available interface will be
00:00
assigned as the outgoing interface.
00:00
Set the same pre-shared key
00:00
that you used for the HQ's VPN.
00:00
Set Local Interface to your LAN interface.
00:00
The Local Subnet will be added automatically.
00:00
Set Remote Subnets to the HQ FortiGate's Local Subnet.
00:00
A summary page shows
00:00
the configuration created by the wizard.
00:00
A user on either side of
00:00
the office network should be able to
00:00
connect to any address on
00:00
the other office network transparently.
00:00
If you need to generate traffic to
00:00
test the connection ping
00:00
the Branch FortiGate's internal interface
00:00
from the HQ's internal network.
00:00
Go to VPN, Monitor,
00:00
IPSec Monitor to verify that traffic is flowing.
00:00
Thank you for watching.
00:00
For further details,
00:00
go to docs.fortinet.com to
00:00
access Fortinet's complete Documentation Library.
Up Next