Fortinet black logo

Cookbook

5.6.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.0
6.0.0
5.6.0
5.4.0

Configuring the Branch IPsec VPN

Configuring the Branch IPsec VPN

  1. On Branch, go to VPN > IPsec Wizard.

    Select the Site to Site template and select Next.

  2. In the Authentication section, set IP Address to HQ's Internet-facing IP (in this example, 172.31.1.64).

    After you enter the gateway, an interface is assigned as the Outgoing Interface.

    Set the same Pre-shared Key that was used for HQ’s VPN.

  3. In the Policy & Routing section, set the Local Interface. The Local Subnets is added automatically.

    Set Remote Subnets to HQ's local subnet (in this example, 10.1.1.0/24).

  4. Review the configuration summary.

  5. On either FortiGate, go to Monitor > IPsec Monitor to verify the status of the VPN tunnel. Right-click its Status and select Bring Up.

    Check that the multicast server behind HQ can ping the client at Branch. To generate traffic to test the connection, ping Branch's internal interface from HQ’s internal network.

Previous
Next

Configuring the Branch IPsec VPN

  1. On Branch, go to VPN > IPsec Wizard.

    Select the Site to Site template and select Next.

  2. In the Authentication section, set IP Address to HQ's Internet-facing IP (in this example, 172.31.1.64).

    After you enter the gateway, an interface is assigned as the Outgoing Interface.

    Set the same Pre-shared Key that was used for HQ’s VPN.

  3. In the Policy & Routing section, set the Local Interface. The Local Subnets is added automatically.

    Set Remote Subnets to HQ's local subnet (in this example, 10.1.1.0/24).

  4. Review the configuration summary.

  5. On either FortiGate, go to Monitor > IPsec Monitor to verify the status of the VPN tunnel. Right-click its Status and select Bring Up.

    Check that the multicast server behind HQ can ping the client at Branch. To generate traffic to test the connection, ping Branch's internal interface from HQ’s internal network.

Previous
Next