Description |
This article is a sample configuration of IPsec VPN authenticating a remote Palo Alto peer with a pre-shared key.
Topology:
|
Scope | FortiGate, Palo Alto. |
Solution |
Note: The wizard shows all available options so that it is possible to speed up the process, but the Custom' option will be used for a better understanding of each step for the IPSec tunnel creation:
The process is straightforward. Using only one screen, it will be possible to configure Phase 1 and Phase 2.
Note: This is just a sample and it is necessary to adjust the tunnel configuration according to the requirements of the network.
Note: All parameters are configured on FortiGate, it is also necessary to configure on the Palo Alto firewall for Phase 1 and Phase 2. On Palo Alto, it is necessary to access more options on different screens to create the IPSec tunnel.
It is necessary to set an ID for the tunnel.
It is necessary to select the tunnel interface with the ID just created, in this case, 'tunnel.1'. Also, select the Phase 1 Proposal on 'IPSec Crypto Profile':
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.