Route-based vs Policy based VPN

Route based - sets up the VPN tunnel as a virtual interface. You can apply policies to and from an interface as normal. Policy based VPN, requires you to create policies to teh external interface using teh ENCRYPt or IPSEC option. to mind mind Interface based are much more logical and controllable than policy based. Interface mode is the new way - policy mode is the old way. IMHO of course

agree with doshbass, but would just add that I' ve found interface mode to be easier if you are trying to connect to a 3rd party device, particulary snapgear and pix, whereas policy based are very simple to create to other fortigates. ymmv Matt