Technical Tip: Configuring FortiGate to Linksys HomeWrk Router IPSec VPN

Linksys side:

1. From the Linksys HomeWRK dashboard, select Work SSID -> Settings -> VPN.

2. Toggle VPN.

3. Below are the details of each option:

• Server IP Address: This corresponds to the IP address of the VPN gateway.
• Port: For IPSEC, when NAT-Traversal is not necessary, it employs UDP port 500 for IKE. When traversing NAT, it dynamically shifts to UDP port 4500. Nonetheless, certain ISPs might obstruct these port numbers. Adjust the port number if the need arises.
• Pre-shared Key (PSK): This key is mutually shared between the IPSEC gateway and this router to establish the IPSEC connection.
• Peer ID: In cases where the IPSEC gateway functions as a dial-up server, every remote user/device that connects needs to present a Peer ID or Local ID for identification.
• Remote Subnets: Enabling this feature facilitates VPN split tunneling. This means that exclusively the traffic directed towards the specified subnets will travel through the VPN, while all other traffic takes a direct route to the internet. If this option is deactivated, all traffic will be directed into the VPN tunnel. To set up VPN split tunneling, activate the virtual switch. Proceed by selecting 'Add destination' to input additional VPN settings. Do not forget to save the changes by selecting 'Save'.

FortiGate side:

1. On the Fortigate, configure the IPSec VPN tunnel as normal.

2.  The only change is the peer ID. Use the Peer-ID provided by the Linksys.

   (Earlier this used to be the MAC address of LinkSys to be used on Fortigate as Peer ID, however with newer developments, it has changed).