Librarium
Settings

IPSEC VPN Full CLI Configuration on Fortigate - Build your LAB Pt. 16

CMD Tech
ipsec vpnfortigate clivpn configurationfortinet firewallc:disable-downloadipsec vpn full cli configuration on fortigate

#IPSEC #VPN #Fortigate #CLI #VPNConfiguration

Learn how to Master IPSEC VPN: Full CLI Configuration on Fortigate in this detailed tutorial. 👍If video seems confusing please try to start wit Pt. 1 of my LAB series (pasted below) 👍On 01:07 i have added all related videos to "Card" in top right corner.

Remote FGT config:

  1. Config Phase 1 and 2 Interfaces

config vpn ipsec phase1-interface
edit "ToVCMD" set interface "port9" set remote-gw 172.16.14.2 set psksecret fortinet next end

config vpn ipsec phase2-interface edit "ToVCMD" set phase1name "ToVCMD" set src-subnet 192.168.2.0 255.255.255.0 set dst-subnet 172.16.20.0 255.255.255.0 next end

  1. Config routing

config router static edit 4 set dst 172.16.20.0 255.255.255.0 set device "ToVCMD" next

edit 6
    set dst 172.16.20.0 255.255.255.0
    set distance 254
    set blackhole enable
next

end

3.config address objects config firewall address edit "NW_172.16.20.0" set subnet 172.16.20.0 255.255.255.0 next

edit "NW_192.168.2.0" set subnet 192.168.2.0 255.255.255.0 next end

  1. Config policies

config firewall policy edit 5 set name "IN" set srcintf "ToVCMD" set dstintf "port8" set action accept set srcaddr NW_172.16.20.0 set dstaddr NW_192.168.2.0 set schedule "always" set service "ALL" set nat disable next

edit 4 set name "OUT" set srcintf "port8" set dstintf "ToVCMD" set action accept set srcaddr NW_192.168.2.0 set dstaddr NW_172.16.20.0 set schedule "always" set service "ALL" set nat disable next end

Config system interface (VXLAN prep)

edit "ToVCMD" set ip 10.10.10.2 255.255.255.255 set remote-ip 10.10.10.1 255.255.255.252 set allowaccess ping next end

Mentioned videos (If you are unsure how to pull this off - It is better to start from part 1):

Establishing LAN connectivity! - Build your LAB Pt.1 🧪 https://youtu.be/Ag50QDoF0Kg

Fortigate Initial setup on VMware Workstation! ⚙️ https://youtu.be/P5G0GeghsQk

How to connect VMware VM to your GNS3 Lab! đź’ˇ https://youtu.be/IB41t0g_Tb8

How to prepare GNS3 on Windows for your future killer Labs! đź’» https://youtu.be/g-pjujyzGyg

Yours CMD Tech NSE4, NSE7, CCNP, CCNA-Security, CCNA-Wifi, CCNA-R+S

All Social media links + CMD Shop https://linktr.ee/cmdtech

2025-05-19
0.0 LBC
None

1871928157 Bytes