bthomaj
Staff
Article Id 192758

Description

 

This article describes how to configure an encrypted IPSec connection between a FortiGate and a FortiAnalyzer.


Scope

 

FortiGate v4.2.x, v4.3.x, v5.0.x, v5.2.x.


Solution

 

Configure the following via the CLI on the FortiGate.
 
V4.2.x and below:
 
config log fortianalyzer setting
  set status enable
  set server 192.168.182.120
  set encrypt enable
  set psksecret 123456
  set localid "FG300B3908606800"
end
 
The 'localid' setting has to match the 'Device Name' configured on the FortiAnalyzer for the IPSec tunnel to come up; its value is the peer ID that the FortiGate presents to the FortiAnalyzer.

V4.3.x:
 
config log fortianalyzer setting
  set status enable
  set server 192.168.182.120
  set encrypt enable
  set psksecret 123456
  set localid "FG300B3908606800"
  set upload-option realtime
end
 
V5.0.x and above:
 
config log fortianalyzer setting
  set status enable
  set server 192.168.182.120
  set encrypt enable
  set psksecret 123456
  set localid "FG300B3908606800"
  set upload-option realtime
end
 
 

Configure the following via the CLI for FortiAnalyzer v4.2.x and v4.3.x:
 
config log device
  edit FG300B3908606800  ----> device name; this must match the localid configured on the FortiGate.
    set type fgt
    set secure psk
    set psk 123456
    set id FG300B3908606800  ----> device ID
end
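As an added cross-check (example code written for this article, not part of the article or of the Fortinet CLI), the script below parses the FortiGate and FortiAnalyzer blocks above and verifies the pairing conditions the article states: 'encrypt' enabled on the FortiGate, 'secure psk' on the FortiAnalyzer, the localid equal to both the FortiAnalyzer device name and device ID, and identical pre-shared keys. The two sample configurations are constructed from the article's values; the '---->' annotations are stripped by the parser.

```python
import re
# Constructed samples built from the article's values: FortiGate v4.2.x block
# and FortiAnalyzer v4.x CLI (with the article's '---->' annotations kept).
FGT_CONF = """\
config log fortianalyzer setting
  set status enable
  set server 192.168.182.120
  set encrypt enable
  set psksecret 123456
  set localid "FG300B3908606800"
end
"""
FAZ_CONF = """\
config log device
  edit FG300B3908606800  ----> device name
    set type fgt
    set secure psk
    set psk 123456
    set id FG300B3908606800  ----> device ID
end
"""

def parse_fortinet_cli(text):
    """One config block -> {'name': first 'edit' entry or None, 'set': {key: value}}."""
    result = {"name": None, "set": {}}
    for raw in text.splitlines():
        line = re.sub(r"\s*----.*$", "", raw.strip())  # drop '---->' annotations
        m = re.match(r'^edit\s+"?([^"\s]+)"?$', line)
        if m and result["name"] is None:
            result["name"] = m.group(1)
        m = re.match(r'^set\s+(\S+)\s+"?(.*?)"?$', line)
        if m:
            result["set"][m.group(1)] = m.group(2)
    return result

def check_secure_pairing(fgt_text, faz_text):
    """Return the pairing problems under the article's conditions; [] means consistent."""
    fgt = parse_fortinet_cli(fgt_text)["set"]
    faz = parse_fortinet_cli(faz_text)
    problems = []
    if fgt.get("encrypt") != "enable":
        problems.append("FortiGate: encrypt not enabled, logs would be sent in clear")
    if faz["set"].get("secure") != "psk":
        problems.append("FortiAnalyzer: 'secure psk' not set for the device")
    localid = fgt.get("localid")
    if not localid or localid != faz["name"] or localid != faz["set"].get("id"):
        problems.append("localid %r does not match FortiAnalyzer device name/ID" % localid)
    if fgt.get("psksecret") != faz["set"].get("psk"):
        problems.append("pre-shared keys differ")
    return problems
```

Run check_secure_pairing() on copies of both configurations exported from the devices; any non-empty result names the side that must be corrected before the lock icon will appear.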
 
To check the secure connection, connect to the web based manager and verify the Lock icon on the FortiAnalyzer under All Devices.
 
 
To check that the FortiGate sends logs to the FortiAnalyzer, connect to the FortiAnalyzer GUI and verify under Log -> Log Viewer.

 
Configure the following via GUI for FortiAnalyzer v5.0.x, v5.2.x:


Check the box for Secure Connection and enter the device ID for FortiGate and the pre-shared key.

To check the secure connection, connect to the web-based manager and verify that the arrow is up and green on the FortiAnalyzer under All Devices.

 

Note:

v5.0 up to v6.4 is out of engineering support. These commands might differ on higher versions. Consider upgrading the firmware on the device to a supported version (7.0 up to 7.6). Check the firmware upgrade path and compatibility for the hardware with the Upgrade tool.