Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
paul_slegg
New Contributor

IPSEC IOS Help

Hi

 

I am struggling with setting up a VPN connection from IOS devices to my internal network (Fortigate firewall 500D)

 

I started by using SSL VPN, but found the IOS app was next to useless, as it doesn't support tunneling and as soon as you close the app, you lose the VPN. 

 

I started looking into IPSEC via the IOS Dialup, but cannot get my head around it. My knowledge of IPSEC was that it requires a source IP and destination IP, however, with the mobile devices constantly on the road, near on impossible to lock down the devices IP. It seems IPSEC IOS doesnt require this, but i am lost to understand how it authenticates the tunnel between the devices? 

 

Any help to get my head around this would be much appreciated. 

 

Thanks

 

Paul

1 Solution
gschmitt
Valued Contributor

3 REPLIES 3
gschmitt
Valued Contributor

paul_slegg

Thanks for the reply. 

 

The process of the setup i am ok with, it is more understanding how this can work from a security side of things, is their a virtual remote gateway that acts as the source IP?   

gschmitt
Valued Contributor

Depends on your service provider. Mobile devices do have an external IP address. That IP address is often shared tho.

In my country the devices usually connect to a gateway which handles around 10 devices per IP and manages the connection, similar to NAT.

An IPSec Tunnel set to Dial-Up does not require a static source IP address hence any IP can establish the connection.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors