IPsec tunnel for remote access (client access)

Forum|Forum|7 months ago
October 16, 2025
2 replies
439 views

Hi everyone,

I want to set up ipsec with FortiClient as dialup client (as mentioned here: https://docs.fortinet.com/document/fortigate/7.4.8/administration-guide/785501/forticlient-as-dialup-client).

Since ipsec seems to have way more options than ssl vpn - if I go trough the IPsec Wizard for remote access. Are these default settings ok (safe) to use?

IPsec

Best answer by tbarua

Hi Miciti,

Yes, if the default settings work for you, you can leave them as they are.

Additionally, you can check these documents as well as a reference:

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Using-IKEv2-for-a-dial-up-IPsec-tunnel-with/ta-p/229663

https://community.fortinet.com/t5/FortiGate/Technical-Tip-IKEv2-Dialup-IPsec-tunnel-with-RADIUS-and/ta-p/220818

AEK

SuperUser

Hi Miciti

Yes they should be safe, because the latest FortiOS versions don't use the obsolete encryption/authentication algorithms.

AEK

tbaruaAnswer

Staff

Hi Miciti,

Yes, if the default settings work for you, you can leave them as they are.

Additionally, you can check these documents as well as a reference:

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Using-IKEv2-for-a-dial-up-IPsec-tunnel-with/ta-p/229663

https://community.fortinet.com/t5/FortiGate/Technical-Tip-IKEv2-Dialup-IPsec-tunnel-with-RADIUS-and/ta-p/220818

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded