Skip to main content
James_G
New Member
November 7, 2019
Question

IPSEC enabled interface security

  • November 7, 2019
  • 2 replies
  • 2235 views

Am i correct in thinking that IPSEC site to site VPN configurations were the remote gateway is specified as a static IP, the tunnel will only be able to be brought up if the remote gateway is indeed on that IP?

 

What I am asking is can I depend on the fixed IP of the gateways being a 'factor' in 2 factor security. The other factor obviously is the pre-shared keys.

 

Thanks.

    2 replies

    James_G
    James_GAuthor
    New Member
    November 7, 2019

    Answered my own question - IPSEC main mode uses the fixed remote IP to respond, thus can be a factor

     

    :)

    sw2090
    SuperUser
    SuperUser
    November 8, 2019

    well the Fortigate does also support entering a FQDN as remote gw of an IPSec Tunnel.

    I did that once using some dyndns fqdn since I have no static ip on that site and it works util today.