I am new in fortinet product. I want to create a site to site vpn in fortigate 60E(firmware version5.6.1) and fortigate 40C (firmware version 4.0). fortigate 60E has wizard to create vpn but in 40C there is no wizard, so I have to do by manual. So I need some screenshot for do this. Can you provide me.
Hi,
and welcome to the forums.
If you use the v5.6 wizard, the proposals for phase1 and phase2 encryption are chosen differently than in earlier versions of FortiOS. For instance, you won't find 3DES and MD5 anymore by default. Which is good.
So, create your VPN using the wizard, then change the tunnel type to "custom". Now you have full control of all settings. Simply copy those settings (100%, really!) to the older FGT.
For a better picture of the default settings, look at the config in the CLI, "conf vpn ipsec phase1-interface" & "show full". You will see that e.g. the keylifetime differs from the default in FOS v4.
By now you know that I am assuming a VPN in "Interface mode" as opposed to "Policy mode". You should only use interface mode VPNs, for many reasons.
BTW, get away from v5.6.1 and upgrade to v5.6.2 ASAP. Or better still, stay with v5.4.5 on the 60E which is just fine and stable, until v5.6 has settled a bit.
Even I could not upgrade the firmware of fortigate 40C (firmware version 4.0). I have upgraded firmware though I am unable to do that. Whenever I try to upload it successfully uploaded but it never installed and show downgraded.
susamghatak wrote:There is different firmware for the Fortigate 40C (FGT40C) and Forti WiFi 40C (FWF40C). Make sure you chose the correct one. Also as stated earlier, from the CLI, copy the config from the 60, swap the phase 2 selectors and paste into the 40C. That should be all you need aside from the static route(s) and policy(s).Even I could not upgrade the firmware of fortigate 40C (firmware version 4.0). I have upgraded firmware though I am unable to do that. Whenever I try to upload it successfully uploaded but it never installed and show downgraded.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Yes, are you sure you have got the correct firmware image (model, version)? What is it called?
The subject has 30E, but in all your posts, you refer to 60E. Which is it?
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.