Fortigate: How to configure IPSec VPN Client to site on Fortigate

Overview

This article explains how to configure the IPSec VPN Client to site feature on Fortigate device so that the devices can be accessed and remote local area network safely

How to configure

  • Login to Fortigate by Admin account
  • User & Device -> User Definition -> Click Create New to create an account for VPN user
  • Choose Local User -> Click Next to continue
  • Enter name and password for VPN user -> Click Next to continue
  • Enter mail for VPN user
  • Choose Enabled -> Click Next to continue
  • User & Device -> User Groups to create User group VPN for VPN user and add user you want to connect VPN -> Click OK to save
  • Policy & Objects -> Addresses to create address ranges for internal VPN networks
  • Create VPN tunnel client to site
  • VPN -> IPSec Wizard -> Choose Remote Address -> Enter name -> Click Next to continue
  • In Incoming Interface: Choose Port WAN of device
  • In Authentication Method: Choose Pre-shared Key
  • In Pre-shared Key: Enter key you want to authenticate
  • In User Group: Choose VPN group which was created before

-> Click Next to continue

  • In Local Interface: Choose Port LAN
  • In Local Address: Choose address range for IPSec LAN which was created before
  • In Client Address Range: Enter IP for VPN client

-> Click Next to continue

  • Click Create to finish
  • Check information
upload_2017-8-23_9-59-8.jpeg
  • Create policy allow VPN user access Internet
  • In Incoming Interface: Choose VPN policy which was created before
  • In Outgoing Interface: Choose Port WAN
  • In Source: Choose All
  • In Destination: Choose All
  • In Service: Choose All

-> Click OK

  • Download and install FortiClient VPN from Fortinet
  • Enter all information -> Click Save
  • Enter password of User VPN -> Click Connect
  • Finish VPN connection

** If you have difficulty configuring Sophos products in Viet Nam, please contact us:

Hotline: 02862711677

Email: info@thegioifirewall.com

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.