nknit
New Member
September 24, 2019
Solved

Set two different PSKs for IKEv2


Hello Community,

 

I have to set two different PSKs on a site-to-site VPN IKEv2 tunnel. The GUI or CLI will only set one key for the PSK. I have to set up a tunnel to a LANCOM firewall, where there is one PSK configured for local and one for remote.

How do I set two different PSKs on one IKEv2 tunnel configuration?

 

Thanks

 

Markus

    emnoc
    Answer
    New Member
    September 24, 2019

    Not possible nor required. Just use the single psk for ikev2.

     

    Ken Felix

    Radu_sec
    New Member
    February 14, 2021

    Hi Ken,

     

    Do you know if Fortigate supports different auth methods for initiator and responder for IKEv2? 

    My guess is not.

     

    Radu

    emnoc
    New Member
    February 14, 2021

    With IKEv2 you can; here's an example of what we have:

     

    config vpn ipsec phase1-interface
        edit "FRBERCYSUR"
            set interface "wan1"
            set ike-version 2
            set authmethod-remote psk
            set proposal aes128-sha256 aes256-sha256
            set psksecret ENC nLAhFxw2/8DFakOzmWpDMb/yywgeMJ7sMwuQyl7eMOgLRxLiZjZaHWxEXn3ei13SJXZNYehCZsjnarMSFOO7MBnu/XK7NKFQBxG9n6S0ij4KwLTPIlCwruu/MA9S9obIBrK5EyEiqJY0VWhWqERUndlK1K7kGWgy+fqYKVrlqgkOR28FhCwzGVHuoxvZ81d5tRZ9yg==
            set psksecret-remote ENC Rh2IPSo+TUdO/G56sE9Q9BUSGwSHHuu3NrBhQl4J2Z9jUAb0MTlyhDuvFHHn+sSOnp7de67KADX8eKff69VAfgaBnGOUDhmbJCp38e0KOuJ1LHKcA+6hoMlpDUK54zxdswkppkD+3vWBeSFAG2o/4XYHRRMU6i1DrhHSaUBfZ+XVS/OrGXo0eHp116SiEGWUyOxk4A==
        next
    end

     

    Ken Felix
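
Why the two keys in the configuration above are independent, shown as an added example that is not part of the original thread or any vendor's code: in IKEv2 PSK authentication (RFC 7296, section 2.15) each peer computes its own AUTH value from its own key, and the other side checks it with the key it expects from that peer. The HMAC-SHA-256 PRF, every message, nonce and key value, and the mapping of "local"/"remote" onto `psksecret`/`psksecret-remote` are assumptions made for the illustration.

```python
import hashlib
import hmac

KEY_PAD = b"Key Pad for IKEv2"  # fixed string from RFC 7296, section 2.15


def prf(key: bytes, data: bytes) -> bytes:
    # Assumption: the negotiated PRF is HMAC-SHA-256.
    return hmac.new(key, data, hashlib.sha256).digest()


def psk_auth(psk, real_message, peer_nonce, sk_p, id_body):
    """AUTH = prf(prf(PSK, KEY_PAD), RealMessage | peer nonce | prf(SK_p, ID))."""
    signed_octets = real_message + peer_nonce + prf(sk_p, id_body)
    return prf(prf(psk, KEY_PAD), signed_octets)


# Constructed stand-ins for the values a real IKE_SA_INIT exchange produces.
MSG1, MSG2 = b"constructed-IKE_SA_INIT-request", b"constructed-IKE_SA_INIT-response"
NONCE_I, NONCE_R = b"Ni" * 16, b"Nr" * 16
SK_PI, SK_PR = b"\x11" * 32, b"\x22" * 32
ID_I, ID_R = b"initiator.example", b"responder.example"


def exchange(initiator: dict, responder: dict):
    """Return (responder accepts initiator, initiator accepts responder)."""
    auth_i = psk_auth(initiator["local"], MSG1, NONCE_R, SK_PI, ID_I)
    auth_r = psk_auth(responder["local"], MSG2, NONCE_I, SK_PR, ID_R)
    # Each side recomputes the peer's AUTH with the key it expects from that peer.
    want_i = psk_auth(responder["remote"], MSG1, NONCE_R, SK_PI, ID_I)
    want_r = psk_auth(initiator["remote"], MSG2, NONCE_I, SK_PR, ID_R)
    return hmac.compare_digest(auth_i, want_i), hmac.compare_digest(auth_r, want_r)


# Hypothetical keys: "local" plays the role of psksecret, "remote" of psksecret-remote.
fortigate = {"local": b"key-A-constructed", "remote": b"key-B-constructed"}
peer = {"local": b"key-B-constructed", "remote": b"key-A-constructed"}
peer_typo = {"local": b"key-B-constructed", "remote": b"key-a-constructed"}

if __name__ == "__main__":
    print(exchange(fortigate, peer))       # keys crossed correctly on both ends
    print(exchange(fortigate, peer_typo))  # peer expects the wrong key from us
```

A key mismatch fails in one direction only, which is why the local and remote secrets have to be entered crosswise on the two gateways.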