Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ymasaki
Staff
Staff

Created on ‎10-30-2019 03:05 AM Edited on ‎11-25-2024 02:48 AM By Moderator

Article Id 197667

Technical Tip: Dialup VPN Configuration Between Two FortiGates

Description


This article describes how to configure Dialup VPN between two FortiGates.

 

Scope

 

FortiGate.

Solution

 

The FortiGate can be configured to have a point-to-multipoint Dialup VPN.


Here is the Step by Step guide:

Note:

Dial-Up Configuration between FortiGate to FortiGate as a Remote Gateway as 'DailUp User'.

 

Select Site to Site with NAT configuration, the remote site is behind NAT, and then a VPN is automatically created with the DailUp user.

 

  1. Phase 1 Configuration (Dialup Server and Client):

 

 
Note:
For versions above v7.2.8, only one DH group should be selected on both Phase 1 and 2 between FortiGate and FortiClient, when configuring IPsec dial-up in aggressive mode. In the above screenshots, 14 and 5 are checked but need to only select one of them on both sides i.e. FortiGate and FortiClient.
 
  1. Phase 2 Selectors Configuration (Dialup Server and Client):
 
 
  1. Firewall Policies for VPN:
 
 
  1. Static and Dynamic Routes for Dialup VPN:
 
 
Note: IPSec Wizard can also be used to set up a Dialup VPN between two FortiGates.
 
Related document: 
FortiGate as dialup client
9997
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.