Hello, I'm new to the forum. I have a problem with the ipsec tunnel, I have 3 groups of users (office, remote, test), I made an ipsec tunnel with a wizard and it works for office users, they get to the office network.
I need to do 2 more: 1 to the network for remote users (a separate lan) and 1 for testers. When I add a new ipsec tunnel and change Pre-shared Key (or use the same) "office" tunnel stops working.
In the old version of the software, i could make a new Phase 2 in gui and assign a group of users to the separate network.
Where can I do this in 5.6?
All best.
Hi,
Just open the IPSec VPN, then convert it to custom tunnel, then you can create your additional phases 2. For users access, you can manage this with policies. You can create one policy per user group.
Bubu
Bubu
Thanks for reply.
I convert to custom.
In Authentication i use Pre-Shared Key method, IKE 1 and Aggressive mode, Accept types - Any peer ID.
Question: In XAUTH type Auto Server and what user group i must to set? Inherit from policy or chose of that group i made?
In Phase2 what local Adress and Remote adress use? I have 0.0.0.0 in both.
Where i must to create policy per user group? In ipv4 policy?
Is there a guide step by step how to do it?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.