The SD-WAN Interface page in FortiManager now includes an IPsec VPN creation wizard. Administrators can configure a VPN using a wizard when configuring the SD-WAN.
- Go to System Settings > All ADOMs and edit the ADOM. Disable SD-WAN in Central Management. Click OK.
- Go to Device Manager > SD-WAN. Select any device or VDOM and click Edit. If no device is available, click Create New.
- Click Create VPN under Interface Members in the Create New SD-WAN or Edit SD-WAN page.
- Configure the following settings and click OK to auto-generate IPsec VPNs:
Specify a name for the VPN.
Select IP Address or Dynamic DNS.
Specify the IP address if IP Address is selected for Remote Device.
Specify the FQDN if Dynamic DNS is selected for Remote Device.
Select the outgoing interface.
Select Pre-shared key or Signature.
Select the certificate (if Signature was selected as the Authentication Method)
Peer Certificate CA
Select the Peer Certificate CA (if Signature was selected as the Authentication Method)
Select the pre-shared key (if Pre-shared key was selected as the Authentication Method)
- The auto-generated VPN interface are automatically added to the list of SD-WAN members.
- Edit the VPN in Interface Members to configure Gateway IP, Estimated Upstream Bandwidth (Kbps), and Estimated Downstream Bandwidth (Kbps).