{"id":133,"date":"2022-03-11T04:22:51","date_gmt":"2022-03-11T09:22:51","guid":{"rendered":"https:\/\/opentextbc.ca\/fortigatefirewall\/chapter\/ipsec-vpn\/"},"modified":"2023-08-29T16:26:44","modified_gmt":"2023-08-29T20:26:44","slug":"ipsec-vpn","status":"publish","type":"chapter","link":"https:\/\/opentextbc.ca\/fortigatefirewall\/chapter\/ipsec-vpn\/","title":{"raw":"4.1 IPsec VPN","rendered":"4.1 IPsec VPN"},"content":{"raw":"<div class=\"textbox textbox--learning-objectives\"><header class=\"textbox__header\">\n<p class=\"textbox__title\">Learning Objectives<\/p>\n\n<\/header>\n<div class=\"textbox__content\">\n<ul>\n \t<li class=\"hanging-indent\">Configure an IPsec VPN<\/li>\n \t<li class=\"hanging-indent\">Configure a site-to-site VPN<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"textbox shaded\"><strong>Scenario<\/strong>: We are going to have IPsec VPN from Windows to FortiGate Firewall. First, we are going to install FortiClient on Windows and then we will configure the firewall for FortiClient. The goal of this scenario is to have connectivity from Windows to PC1. You should be able to ping PC1 after you have established your VPN connection.<\/div>\n&nbsp;\n\n[caption id=\"attachment_121\" align=\"aligncenter\" width=\"1203\"]<img class=\"wp-image-96 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2022\/04\/1-4.jpg\" alt=\"IPSEC VPN main scenario\" width=\"1203\" height=\"444\"> Figure 4.1: Main scenario[\/caption]\n<h2>Configuration<\/h2>\n<div align=\"left\">\n<table class=\"aligncenter\" style=\"width: 100%;\"><caption>Table 4.1: Devices configuration<\/caption>\n<tbody>\n<tr>\n<th style=\"width: 139.975px;\" scope=\"col\">Device<\/th>\n<th style=\"width: 273.337px;\" scope=\"col\">IP address<\/th>\n<th style=\"width: 64.3875px;\" scope=\"col\">Access<\/th>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">WebTerm2<\/td>\n<td style=\"width: 273.337px;\">192.168.0.2\/24<\/td>\n<td style=\"width: 64.3875px;\">-<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">VPC<\/td>\n<td style=\"width: 273.337px;\">DHCP Client<\/td>\n<td style=\"width: 64.3875px;\">-<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">Ethernet Switch1-2<\/td>\n<td style=\"width: 273.337px;\">-<\/td>\n<td style=\"width: 64.3875px;\">-<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">FortiGate<\/td>\n<td style=\"width: 273.337px;\">Port 1: DHCP Client\n\nPort 2: 192.168.0.1\/24\n\nDHCP Server (192.168.0.10 to 192.168.0.20)<\/td>\n<td style=\"width: 64.3875px;\">ICMP\n\nHTTP\n\nHTTPS<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">Windows<\/td>\n<td style=\"width: 273.337px;\">DHCP Client<\/td>\n<td style=\"width: 64.3875px;\">-<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\nBefore you begin the configuration, please remember with VPC\u2019s and Web terms this is how we edit their IP settings for static and or DHCP Addressing:\n\nBefore dragging in your web terms or other devices remember to always choose GNS3 VM:\n\n[caption id=\"attachment_121\" align=\"aligncenter\" width=\"450\"]<img class=\"wp-image-97\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/For-when-dragging-a-New-NAT-Cloud.png\" alt=\"Dragging a NAT under GNS3 VM\" width=\"450\" height=\"186\"> Figure 4.2: Dragging a NAT under GNS3 VM[\/caption]\n\n[caption id=\"attachment_121\" align=\"aligncenter\" width=\"450\"]<img class=\"wp-image-98\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Make-sure-to-choose-GNS3-when-dragging-a-new-Switch.png\" alt=\"Dragging a Switch under GNS3 VM\" width=\"450\" height=\"217\"> Figure 4.3: Dragging a switch under GNS3 VM[\/caption]\n<ol>\n \t<li>Set a DHCP server on interface port2 (Range of IP address should be: 192.168.0.20 to 192.168.0.30, DNS: 4.2.2.4).\n\n[caption id=\"attachment_101\" align=\"alignnone\" width=\"1558\"]<img class=\"wp-image-99 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/123.jpg\" alt=\"Set a DHCP server on interface port2 (Range of IP address should be: 192.168.0.20- 192.168.0.30, DNS: 4.2.2.4)\" width=\"1558\" height=\"614\"> Figure 4.4: Set DHCP IP address[\/caption]\n\n[caption id=\"attachment_101\" align=\"aligncenter\" width=\"450\"]<img class=\"wp-image-100\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/DHCP-IP-Active-Config.png\" alt=\"Enable DHCP client\" width=\"450\" height=\"419\"> Figure 4.5: Enable DHCP client[\/caption]\n\n[caption id=\"attachment_101\" align=\"aligncenter\" width=\"450\"]<img class=\"wp-image-101\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Activated-Static-configuration.png\" alt=\"Configure a static IP address\" width=\"450\" height=\"419\"> Figure 4.6: Configure a static IP address[\/caption]<\/li>\n \t<li>Go to <strong>User &amp; Authentication<\/strong> &gt; <strong>User Group<\/strong> &gt; <strong>Create New<\/strong>:\n<ul>\n \t<li>Name: <strong>VPN_GRP_A0ID<\/strong><\/li>\n \t<li>TYPE:<strong> Firewall<\/strong><\/li>\n<\/ul>\n[caption id=\"attachment_103\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-102\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group.png\" alt=\"Create a User Groups\" width=\"500\" height=\"284\"> Figure 4.7: Create a user group[\/caption]\n\n[caption id=\"attachment_103\" align=\"aligncenter\" width=\"1267\"]<img class=\"wp-image-103 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-2-.png\" alt=\"Create a group in the firewall\" width=\"1267\" height=\"703\"> Figure 4.8: Create a group in the firewall[\/caption]<\/li>\n \t<li>Go to <strong>User &amp; Authentication<\/strong> &gt; <strong>User Definition<\/strong> &gt; <strong>Create a User<\/strong>:\n\n[caption id=\"attachment_107\" align=\"alignnone\" width=\"1272\"]<img class=\"wp-image-104 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition.png\" alt=\"Create a new user\" width=\"1272\" height=\"711\"> Figure 4.9: Create a new user[\/caption]\n\n[caption id=\"attachment_107\" align=\"alignnone\" width=\"1278\"]<img class=\"wp-image-105 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-2-.png\" alt=\"Create a Local User\" width=\"1278\" height=\"714\"> Figure 4.10: Create a local user[\/caption]\n\n[caption id=\"attachment_107\" align=\"alignnone\" width=\"1274\"]<img class=\"wp-image-106 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-3-.png\" alt=\"Configure a login credentials for the user\" width=\"1274\" height=\"718\"> Figure 4.11: Configure login credentials for the user[\/caption]\n\n[caption id=\"attachment_107\" align=\"alignnone\" width=\"1271\"]<img class=\"wp-image-107 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-4-.png\" alt=\"Enter Contact Info\" width=\"1271\" height=\"718\"> Figure 4.12: Contact info[\/caption]<\/li>\n \t<li>Assign User Group to your profile.\n\n[caption id=\"attachment_109\" align=\"alignnone\" width=\"1274\"]<img class=\"wp-image-108 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-5-.png\" alt=\"Assign a user to the group\" width=\"1274\" height=\"718\"> Figure 4.13: Assign a user to the group[\/caption]\n\n[caption id=\"attachment_109\" align=\"alignnone\" width=\"1269\"]<img class=\"wp-image-109 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-6-.png\" alt=\"Verify configuration\" width=\"1269\" height=\"721\"> Figure 4.14: Verify configuration[\/caption]<\/li>\n \t<li>Go to <strong>VPN<\/strong> &gt; <strong>IPsec Wizard<\/strong>.\n<ol>\n \t<li>First:\n<ul>\n \t<li>Select Name: <b>A0ID- VPN(A0ID is a <\/b><span style=\"font-size: 18.6667px;\"><b>student<\/b><\/span><b> ID)<\/b><\/li>\n \t<li>Template Type: <strong>Remote Access<\/strong><\/li>\n \t<li>Remote Type Device: <strong>FortiClient<\/strong><\/li>\n<\/ul>\n[caption id=\"attachment_110\" align=\"alignnone\" width=\"1270\"]<img class=\"wp-image-110 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-2-png.png\" alt=\"Create a VPN connection\" width=\"1270\" height=\"711\"> Figure 4.15: Create a VPN connection[\/caption]<\/li>\n \t<li>Then:\n<ul>\n \t<li>Incoming Interface: <strong>Port1<\/strong><\/li>\n \t<li>Pre-shared Key: &lt;Select a key like a password&gt;<\/li>\n \t<li>User Group: <strong>VPN_GRP_A0ID<\/strong><\/li>\n<\/ul>\n[caption id=\"attachment_111\" align=\"alignnone\" width=\"1272\"]<img class=\"wp-image-111 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-3.png\" alt=\"Configure Authentication\" width=\"1272\" height=\"724\"> Figure 4.16: Configure authentication[\/caption]<\/li>\n \t<li>Next:\n<ul>\n \t<li>Local Interface: <strong>Port 2<\/strong><\/li>\n \t<li>Local Address: Add your local range of IP address (192.168.0.0\/24)<\/li>\n \t<li>Client Range: <strong>172.16.0.1 to 172.16.0.10<\/strong><\/li>\n \t<li>Subnet Mask: <strong>255.255.255.0<\/strong><\/li>\n \t<li><strong>Disable Split Tunneling<\/strong><\/li>\n<\/ul>\n[caption id=\"attachment_113\" align=\"alignnone\" width=\"1273\"]<img class=\"wp-image-112 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-7.png\" alt=\"Configure Policy &amp; Routing\" width=\"1273\" height=\"714\"> Figure 4.17: Configure Policy &amp; Routing[\/caption]\n\n[caption id=\"attachment_113\" align=\"alignnone\" width=\"1279\"]<img class=\"wp-image-113 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN9.png\" alt=\"Review Settings\" width=\"1279\" height=\"712\"> Figure 4.18: Review Settings[\/caption]<\/li>\n<\/ol>\n<\/li>\n \t<li>On Windows machine, <a href=\"https:\/\/www.fortinet.com\/products\/endpoint-security\/forticlient\">download FortiClient from Fortinet<\/a>. Install the FortiClient and configure IPsec as set in the previous steps. Your remote Gateway IP should be the Port1 IP address.\n\n[caption id=\"attachment_114\" align=\"aligncenter\" width=\"1287\"]<img class=\"wp-image-114 size-full\" style=\"text-align: initial; font-size: 14pt;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-10-.png\" alt=\"Download FortiClient from https:\/\/www.forticlient.com\/downloads Install the Forti Client and configure IPSEC as set in the previous steps\" width=\"1287\" height=\"718\"> Figure 4.19: Install FortiClient on Windows[\/caption]<\/li>\n \t<li>\n\n[caption id=\"attachment_115\" align=\"aligncenter\" width=\"450\"]<img class=\"wp-image-115\" style=\"font-size: 18.6667px;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-12-.png\" alt=\"Configure VPN in FortiClient\" width=\"450\" height=\"292\"> Figure 4.20: Configure VPN in FortiClient[\/caption]<\/li>\n \t<li>\n\n[caption id=\"attachment_116\" align=\"aligncenter\" width=\"450\"]<img class=\"wp-image-116\" style=\"font-size: 18.6667px;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-11-.png\" alt=\"Accept FortiClient Free License\" width=\"450\" height=\"295\"> Figure 4.21: Accept FortiClient Free Licence[\/caption]<\/li>\n \t<li>\n\n[caption id=\"attachment_117\" align=\"aligncenter\" width=\"1279\"]<img class=\"wp-image-117 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-13-.png\" alt=\"Port1 IP Address\" width=\"1279\" height=\"714\"> Figure 4.22: Port1 IP Address[\/caption]<\/li>\n \t<li>\n\n[caption id=\"attachment_118\" align=\"aligncenter\" width=\"1101\"]<img class=\"wp-image-118 size-full\" style=\"text-align: initial; font-size: 14pt;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-14-.png\" alt=\"Configure FortiClient Remote Gateway and Pre-shared key\" width=\"1101\" height=\"720\"> Figure 4.23: Configure FortiClient Remote Gateway and Pre-shared key[\/caption]<\/li>\n \t<li>You should be able to ping from Windows to VPC.\n\n[caption id=\"attachment_119\" align=\"aligncenter\" width=\"1280\"]<img class=\"wp-image-119 size-full\" style=\"text-align: initial; font-size: 14pt;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-15.png\" alt=\"You should be to ping from windows to VPC.\" width=\"1280\" height=\"715\"> Figure 4.24: Verify configuration[\/caption]<\/li>\n<\/ol>\n<h2>Site-to-Site VPN (IPsec VPN)<\/h2>\n<div class=\"textbox shaded\"><strong>Scenario: <\/strong>We are going to have IPsec VPN from WebTerm1 to WebTerm2. First, we are going to configure both firewalls through IPsec VPN Wizards and then we will verify connectivity from WebTerm1 to WebTerm2.<\/div>\n\n[caption id=\"attachment_121\" align=\"aligncenter\" width=\"1075\"]<img class=\"wp-image-120 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/3-1.jpg\" alt=\"main scenario\" width=\"1075\" height=\"415\"> Figure 4.25: Main scenario[\/caption]\n\nTo validate Firewalls licences, we are going to connect them to the Internet.\n\n[caption id=\"attachment_121\" align=\"aligncenter\" width=\"1054\"]<img class=\"wp-image-121 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/4-2.jpg\" alt=\"Validate firewall licenses\" width=\"1054\" height=\"648\"> Figure 4.26: Validate firewall licences[\/caption]\n\n<div align=\"left\">\n<table class=\"aligncenter\" style=\"width: 100%;\"><caption>Table 4.2: Devices configuration<\/caption>\n<tbody>\n<tr style=\"height: 18px;\">\n<th style=\"width: 118px; height: 18px;\" scope=\"col\">Device<\/th>\n<th style=\"width: 165px; height: 18px;\" scope=\"col\">IP address<\/th>\n<th style=\"width: 213px; height: 18px;\" scope=\"col\">Access<\/th>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 118px; height: 18px;\">Fortigate1<\/td>\n<td style=\"width: 165px; height: 18px;\">10.10.10.1\/24<\/td>\n<td style=\"width: 213px; height: 18px;\">ICMP-HTTP-HTTPS<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 118px; height: 18px;\">Fortigate2<\/td>\n<td style=\"width: 165px; height: 18px;\">10.10.10.2\/24<\/td>\n<td style=\"width: 213px; height: 18px;\">ICMP-HTTP-HTTPS<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 118px; height: 18px;\">WebTerm1<\/td>\n<td style=\"width: 165px; height: 18px;\">192.168.20.2\/24<\/td>\n<td style=\"width: 213px; height: 18px;\">-<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 118px; height: 18px;\">WebTerm2<\/td>\n<td style=\"width: 165px; height: 18px;\">192.168.10.2\/24<\/td>\n<td style=\"width: 213px; height: 18px;\">-<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<ol>\n \t<li>On the FG1, go to\u00a0<strong>VPN &gt; IPsec Wizard<\/strong> and select Site to Site \u2013 FortiGate.\n\n[caption id=\"attachment_122\" align=\"aligncenter\" width=\"1133\"]<img class=\"wp-image-122 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/5-1.jpg\" alt=\"\" width=\"1133\" height=\"557\"> Figure 4.27: VPN Setup[\/caption]<\/li>\n \t<li>Select <strong>Site2Site\/ FortiGate \/No Nat. <\/strong>Enter Remote IP: <strong>10.10.10.2\/24<\/strong>, outgoing interface: <strong>port3<\/strong>.\n\n[caption id=\"attachment_123\" align=\"aligncenter\" width=\"1133\"]<img class=\"wp-image-123 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/6-2.jpg\" alt=\"Select Site2Site\/ FortiGate \/No Nat\" width=\"1133\" height=\"569\"> Figure 4.28: Authentication[\/caption]<\/li>\n \t<li>Local Interface: port2, IP: <strong>192.168.20.0\/24<\/strong>, Remote subnet: <strong>192.168.10.0\/24<\/strong>. Through the wizard, FortiGate creates two policies and two static routes in the firewall.\n\n[caption id=\"attachment_124\" align=\"aligncenter\" width=\"1152\"]<img class=\"wp-image-124 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/7.jpg\" alt=\"Local Interface: port2 \u00a0 IP: 192.168.20.0\/24, Remote subnet: 192.168.10.0\/24\" width=\"1152\" height=\"620\"> Figure 4.29: Policy &amp; Routing[\/caption]<\/li>\n \t<li>On the FG2, go to <strong>VPN &gt; IPsec Wizard<\/strong> and select Site-to-Site \u2013 FortiGate.\n\n[caption id=\"attachment_125\" align=\"alignnone\" width=\"1104\"]<img class=\"wp-image-125 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/8-1.jpg\" alt=\"\" width=\"1104\" height=\"643\"> Figure 4.30: Set up FG2[\/caption]<\/li>\n \t<li>Do the same configuration for FG2 (remote IP is 10.10.10.1\/24 and local IP is 192.168.10.0\/24).\n\n[caption id=\"attachment_126\" align=\"aligncenter\" width=\"1121\"]<img class=\"wp-image-126 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/9-1.jpg\" alt=\"(remote IP is 10.10.10.1\/24 and local IP is 192.168.10.0\/24)\" width=\"1121\" height=\"602\"> Figure 4.31: Authentication in FG2[\/caption]<\/li>\n \t<li>\n\n[caption id=\"attachment_127\" align=\"aligncenter\" width=\"1079\"]<img class=\"wp-image-127 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/10-1.jpg\" alt=\"Step 6- Policy &amp; Routing in FG2\" width=\"1079\" height=\"639\"> Figure 4.32: Policy &amp; Routing in FG2[\/caption]<\/li>\n \t<li>\n\n[caption id=\"attachment_130\" align=\"aligncenter\" width=\"1219\"]<img class=\"wp-image-128 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/11-1.jpg\" alt=\"Configure IPsec Tunnels\" width=\"1219\" height=\"268\"> Figure 4.33: Configure IPsec Tunnels[\/caption]\n\nThen, go to your IPsec Tunnels and double click on Inactive.\n\nOn the next windows, right click on the <strong>tunnel<\/strong> &gt; <strong>Bring UP<\/strong> &gt; <strong>All Phase 2 selectors<\/strong>. Then, your tunnel should be up!\n\n[caption id=\"attachment_130\" align=\"aligncenter\" width=\"1186\"]<img class=\"wp-image-129 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/12.jpg\" alt=\"Bring up IPsec Tunnel\" width=\"1186\" height=\"577\"> Figure 4.34: Bring up IPsec Tunnel[\/caption]\n\n[caption id=\"attachment_130\" align=\"aligncenter\" width=\"1266\"]<img class=\"wp-image-130 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1.jpg\" alt=\"Verify the status of the tunnel\" width=\"1266\" height=\"457\"> Figure 4.35: Verify the status of the tunnel[\/caption]<\/li>\n \t<li>Go to <strong>Logs &amp; Reports<\/strong> &gt; <strong>Event<\/strong> &gt; <strong>VPN Event<\/strong> and verify your configuration.\n\n[caption id=\"attachment_132\" align=\"alignnone\" width=\"1233\"]<img class=\"wp-image-131 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/ScreenShot00099-1.jpg\" alt=\"\" width=\"1233\" height=\"742\"> Figure 4.36: Verify configuration[\/caption]\n\nYou should be able to ping from WebTerm1 to WebTerm2.\n\n[caption id=\"attachment_132\" align=\"aligncenter\" width=\"800\"]<img class=\"wp-image-132 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1.jpg\" alt=\"You should be able to ping from WebTerm 1 to WebTerm 2\" width=\"800\" height=\"509\"> Figure 4.37: Verify configuration[\/caption]<\/li>\n<\/ol>","rendered":"<div class=\"textbox textbox--learning-objectives\">\n<header class=\"textbox__header\">\n<p class=\"textbox__title\">Learning Objectives<\/p>\n<\/header>\n<div class=\"textbox__content\">\n<ul>\n<li class=\"hanging-indent\">Configure an IPsec VPN<\/li>\n<li class=\"hanging-indent\">Configure a site-to-site VPN<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"textbox shaded\"><strong>Scenario<\/strong>: We are going to have IPsec VPN from Windows to FortiGate Firewall. First, we are going to install FortiClient on Windows and then we will configure the firewall for FortiClient. The goal of this scenario is to have connectivity from Windows to PC1. You should be able to ping PC1 after you have established your VPN connection.<\/div>\n<p>&nbsp;<\/p>\n<figure id=\"attachment_121\" aria-describedby=\"caption-attachment-121\" style=\"width: 1203px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-96 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2022\/04\/1-4.jpg\" alt=\"IPSEC VPN main scenario\" width=\"1203\" height=\"444\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-4.jpg 1203w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-4-300x111.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-4-1024x378.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-4-768x283.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-4-65x24.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-4-225x83.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-4-350x129.jpg 350w\" sizes=\"auto, (max-width: 1203px) 100vw, 1203px\" \/><figcaption id=\"caption-attachment-121\" class=\"wp-caption-text\">Figure 4.1: Main scenario<\/figcaption><\/figure>\n<h2>Configuration<\/h2>\n<div style=\"text-align: left;\">\n<table class=\"aligncenter\" style=\"width: 100%;\">\n<caption>Table 4.1: Devices configuration<\/caption>\n<tbody>\n<tr>\n<th style=\"width: 139.975px;\" scope=\"col\">Device<\/th>\n<th style=\"width: 273.337px;\" scope=\"col\">IP address<\/th>\n<th style=\"width: 64.3875px;\" scope=\"col\">Access<\/th>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">WebTerm2<\/td>\n<td style=\"width: 273.337px;\">192.168.0.2\/24<\/td>\n<td style=\"width: 64.3875px;\">&#8211;<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">VPC<\/td>\n<td style=\"width: 273.337px;\">DHCP Client<\/td>\n<td style=\"width: 64.3875px;\">&#8211;<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">Ethernet Switch1-2<\/td>\n<td style=\"width: 273.337px;\">&#8211;<\/td>\n<td style=\"width: 64.3875px;\">&#8211;<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">FortiGate<\/td>\n<td style=\"width: 273.337px;\">Port 1: DHCP Client<\/p>\n<p>Port 2: 192.168.0.1\/24<\/p>\n<p>DHCP Server (192.168.0.10 to 192.168.0.20)<\/td>\n<td style=\"width: 64.3875px;\">ICMP<\/p>\n<p>HTTP<\/p>\n<p>HTTPS<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 139.975px;\">Windows<\/td>\n<td style=\"width: 273.337px;\">DHCP Client<\/td>\n<td style=\"width: 64.3875px;\">&#8211;<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>Before you begin the configuration, please remember with VPC\u2019s and Web terms this is how we edit their IP settings for static and or DHCP Addressing:<\/p>\n<p>Before dragging in your web terms or other devices remember to always choose GNS3 VM:<\/p>\n<figure id=\"attachment_121\" aria-describedby=\"caption-attachment-121\" style=\"width: 450px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-97\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/For-when-dragging-a-New-NAT-Cloud.png\" alt=\"Dragging a NAT under GNS3 VM\" width=\"450\" height=\"186\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/For-when-dragging-a-New-NAT-Cloud.png 599w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/For-when-dragging-a-New-NAT-Cloud-300x124.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/For-when-dragging-a-New-NAT-Cloud-65x27.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/For-when-dragging-a-New-NAT-Cloud-225x93.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/For-when-dragging-a-New-NAT-Cloud-350x144.png 350w\" sizes=\"auto, (max-width: 450px) 100vw, 450px\" \/><figcaption id=\"caption-attachment-121\" class=\"wp-caption-text\">Figure 4.2: Dragging a NAT under GNS3 VM<\/figcaption><\/figure>\n<figure id=\"attachment_121\" aria-describedby=\"caption-attachment-121\" style=\"width: 450px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-98\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Make-sure-to-choose-GNS3-when-dragging-a-new-Switch.png\" alt=\"Dragging a Switch under GNS3 VM\" width=\"450\" height=\"217\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Make-sure-to-choose-GNS3-when-dragging-a-new-Switch.png 457w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Make-sure-to-choose-GNS3-when-dragging-a-new-Switch-300x144.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Make-sure-to-choose-GNS3-when-dragging-a-new-Switch-65x31.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Make-sure-to-choose-GNS3-when-dragging-a-new-Switch-225x108.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Make-sure-to-choose-GNS3-when-dragging-a-new-Switch-350x168.png 350w\" sizes=\"auto, (max-width: 450px) 100vw, 450px\" \/><figcaption id=\"caption-attachment-121\" class=\"wp-caption-text\">Figure 4.3: Dragging a switch under GNS3 VM<\/figcaption><\/figure>\n<ol>\n<li>Set a DHCP server on interface port2 (Range of IP address should be: 192.168.0.20 to 192.168.0.30, DNS: 4.2.2.4).<br \/>\n<figure id=\"attachment_101\" aria-describedby=\"caption-attachment-101\" style=\"width: 1558px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-99 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/123.jpg\" alt=\"Set a DHCP server on interface port2 (Range of IP address should be: 192.168.0.20- 192.168.0.30, DNS: 4.2.2.4)\" width=\"1558\" height=\"614\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/123.jpg 1558w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/123-300x118.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/123-1024x404.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/123-768x303.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/123-1536x605.jpg 1536w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/123-65x26.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/123-225x89.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/123-350x138.jpg 350w\" sizes=\"auto, (max-width: 1558px) 100vw, 1558px\" \/><figcaption id=\"caption-attachment-101\" class=\"wp-caption-text\">Figure 4.4: Set DHCP IP address<\/figcaption><\/figure>\n<figure id=\"attachment_101\" aria-describedby=\"caption-attachment-101\" style=\"width: 450px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-100\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/DHCP-IP-Active-Config.png\" alt=\"Enable DHCP client\" width=\"450\" height=\"419\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/DHCP-IP-Active-Config.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/DHCP-IP-Active-Config-300x279.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/DHCP-IP-Active-Config-65x61.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/DHCP-IP-Active-Config-225x209.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/DHCP-IP-Active-Config-350x326.png 350w\" sizes=\"auto, (max-width: 450px) 100vw, 450px\" \/><figcaption id=\"caption-attachment-101\" class=\"wp-caption-text\">Figure 4.5: Enable DHCP client<\/figcaption><\/figure>\n<figure id=\"attachment_101\" aria-describedby=\"caption-attachment-101\" style=\"width: 450px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-101\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Activated-Static-configuration.png\" alt=\"Configure a static IP address\" width=\"450\" height=\"419\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Activated-Static-configuration.png 766w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Activated-Static-configuration-300x279.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Activated-Static-configuration-65x61.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Activated-Static-configuration-225x209.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Activated-Static-configuration-350x326.png 350w\" sizes=\"auto, (max-width: 450px) 100vw, 450px\" \/><figcaption id=\"caption-attachment-101\" class=\"wp-caption-text\">Figure 4.6: Configure a static IP address<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>User &amp; Authentication<\/strong> &gt; <strong>User Group<\/strong> &gt; <strong>Create New<\/strong>:\n<ul>\n<li>Name: <strong>VPN_GRP_A0ID<\/strong><\/li>\n<li>TYPE:<strong> Firewall<\/strong><\/li>\n<\/ul>\n<figure id=\"attachment_103\" aria-describedby=\"caption-attachment-103\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-102\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group.png\" alt=\"Create a User Groups\" width=\"500\" height=\"284\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group.png 1268w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-300x171.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-1024x582.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-768x437.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-65x37.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-225x128.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-350x199.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-103\" class=\"wp-caption-text\">Figure 4.7: Create a user group<\/figcaption><\/figure>\n<figure id=\"attachment_103\" aria-describedby=\"caption-attachment-103\" style=\"width: 1267px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-103 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-2-.png\" alt=\"Create a group in the firewall\" width=\"1267\" height=\"703\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-2-.png 1267w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-2--300x166.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-2--1024x568.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-2--768x426.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-2--65x36.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-2--225x125.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Create-User-Group-2--350x194.png 350w\" sizes=\"auto, (max-width: 1267px) 100vw, 1267px\" \/><figcaption id=\"caption-attachment-103\" class=\"wp-caption-text\">Figure 4.8: Create a group in the firewall<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>User &amp; Authentication<\/strong> &gt; <strong>User Definition<\/strong> &gt; <strong>Create a User<\/strong>:<br \/>\n<figure id=\"attachment_107\" aria-describedby=\"caption-attachment-107\" style=\"width: 1272px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-104 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition.png\" alt=\"Create a new user\" width=\"1272\" height=\"711\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition.png 1272w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-300x168.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-1024x572.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-768x429.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-65x36.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-225x126.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-350x196.png 350w\" sizes=\"auto, (max-width: 1272px) 100vw, 1272px\" \/><figcaption id=\"caption-attachment-107\" class=\"wp-caption-text\">Figure 4.9: Create a new user<\/figcaption><\/figure>\n<figure id=\"attachment_107\" aria-describedby=\"caption-attachment-107\" style=\"width: 1278px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-105 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-2-.png\" alt=\"Create a Local User\" width=\"1278\" height=\"714\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-2-.png 1278w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-2--300x168.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-2--1024x572.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-2--768x429.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-2--65x36.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-2--225x126.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-2--350x196.png 350w\" sizes=\"auto, (max-width: 1278px) 100vw, 1278px\" \/><figcaption id=\"caption-attachment-107\" class=\"wp-caption-text\">Figure 4.10: Create a local user<\/figcaption><\/figure>\n<figure id=\"attachment_107\" aria-describedby=\"caption-attachment-107\" style=\"width: 1274px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-106 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-3-.png\" alt=\"Configure a login credentials for the user\" width=\"1274\" height=\"718\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-3-.png 1274w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-3--300x169.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-3--1024x577.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-3--768x433.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-3--65x37.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-3--225x127.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-3--350x197.png 350w\" sizes=\"auto, (max-width: 1274px) 100vw, 1274px\" \/><figcaption id=\"caption-attachment-107\" class=\"wp-caption-text\">Figure 4.11: Configure login credentials for the user<\/figcaption><\/figure>\n<figure id=\"attachment_107\" aria-describedby=\"caption-attachment-107\" style=\"width: 1271px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-107 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-4-.png\" alt=\"Enter Contact Info\" width=\"1271\" height=\"718\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-4-.png 1271w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-4--300x169.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-4--1024x578.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-4--768x434.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-4--65x37.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-4--225x127.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-4--350x198.png 350w\" sizes=\"auto, (max-width: 1271px) 100vw, 1271px\" \/><figcaption id=\"caption-attachment-107\" class=\"wp-caption-text\">Figure 4.12: Contact info<\/figcaption><\/figure>\n<\/li>\n<li>Assign User Group to your profile.<br \/>\n<figure id=\"attachment_109\" aria-describedby=\"caption-attachment-109\" style=\"width: 1274px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-108 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-5-.png\" alt=\"Assign a user to the group\" width=\"1274\" height=\"718\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-5-.png 1274w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-5--300x169.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-5--1024x577.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-5--768x433.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-5--65x37.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-5--225x127.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-5--350x197.png 350w\" sizes=\"auto, (max-width: 1274px) 100vw, 1274px\" \/><figcaption id=\"caption-attachment-109\" class=\"wp-caption-text\">Figure 4.13: Assign a user to the group<\/figcaption><\/figure>\n<figure id=\"attachment_109\" aria-describedby=\"caption-attachment-109\" style=\"width: 1269px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-109 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-6-.png\" alt=\"Verify configuration\" width=\"1269\" height=\"721\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-6-.png 1269w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-6--300x170.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-6--1024x582.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-6--768x436.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-6--65x37.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-6--225x128.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/User-Defenition-6--350x199.png 350w\" sizes=\"auto, (max-width: 1269px) 100vw, 1269px\" \/><figcaption id=\"caption-attachment-109\" class=\"wp-caption-text\">Figure 4.14: Verify configuration<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>VPN<\/strong> &gt; <strong>IPsec Wizard<\/strong>.\n<ol>\n<li>First:\n<ul>\n<li>Select Name: <b>A0ID- VPN(A0ID is a <\/b><span style=\"font-size: 18.6667px;\"><b>student<\/b><\/span><b> ID)<\/b><\/li>\n<li>Template Type: <strong>Remote Access<\/strong><\/li>\n<li>Remote Type Device: <strong>FortiClient<\/strong><\/li>\n<\/ul>\n<figure id=\"attachment_110\" aria-describedby=\"caption-attachment-110\" style=\"width: 1270px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-110 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-2-png.png\" alt=\"Create a VPN connection\" width=\"1270\" height=\"711\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-2-png.png 1270w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-2-png-300x168.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-2-png-1024x573.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-2-png-768x430.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-2-png-65x36.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-2-png-225x126.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-2-png-350x196.png 350w\" sizes=\"auto, (max-width: 1270px) 100vw, 1270px\" \/><figcaption id=\"caption-attachment-110\" class=\"wp-caption-text\">Figure 4.15: Create a VPN connection<\/figcaption><\/figure>\n<\/li>\n<li>Then:\n<ul>\n<li>Incoming Interface: <strong>Port1<\/strong><\/li>\n<li>Pre-shared Key: &lt;Select a key like a password&gt;<\/li>\n<li>User Group: <strong>VPN_GRP_A0ID<\/strong><\/li>\n<\/ul>\n<figure id=\"attachment_111\" aria-describedby=\"caption-attachment-111\" style=\"width: 1272px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-111 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-3.png\" alt=\"Configure Authentication\" width=\"1272\" height=\"724\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-3.png 1272w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-3-300x171.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-3-1024x583.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-3-768x437.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-3-65x37.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-3-225x128.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-3-350x199.png 350w\" sizes=\"auto, (max-width: 1272px) 100vw, 1272px\" \/><figcaption id=\"caption-attachment-111\" class=\"wp-caption-text\">Figure 4.16: Configure authentication<\/figcaption><\/figure>\n<\/li>\n<li>Next:\n<ul>\n<li>Local Interface: <strong>Port 2<\/strong><\/li>\n<li>Local Address: Add your local range of IP address (192.168.0.0\/24)<\/li>\n<li>Client Range: <strong>172.16.0.1 to 172.16.0.10<\/strong><\/li>\n<li>Subnet Mask: <strong>255.255.255.0<\/strong><\/li>\n<li><strong>Disable Split Tunneling<\/strong><\/li>\n<\/ul>\n<figure id=\"attachment_113\" aria-describedby=\"caption-attachment-113\" style=\"width: 1273px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-112 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-7.png\" alt=\"Configure Policy &amp; Routing\" width=\"1273\" height=\"714\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-7.png 1273w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-7-300x168.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-7-1024x574.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-7-768x431.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-7-65x36.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-7-225x126.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN-7-350x196.png 350w\" sizes=\"auto, (max-width: 1273px) 100vw, 1273px\" \/><figcaption id=\"caption-attachment-113\" class=\"wp-caption-text\">Figure 4.17: Configure Policy &amp; Routing<\/figcaption><\/figure>\n<figure id=\"attachment_113\" aria-describedby=\"caption-attachment-113\" style=\"width: 1279px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-113 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN9.png\" alt=\"Review Settings\" width=\"1279\" height=\"712\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN9.png 1279w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN9-300x167.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN9-1024x570.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN9-768x428.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN9-65x36.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN9-225x125.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/VPN9-350x195.png 350w\" sizes=\"auto, (max-width: 1279px) 100vw, 1279px\" \/><figcaption id=\"caption-attachment-113\" class=\"wp-caption-text\">Figure 4.18: Review Settings<\/figcaption><\/figure>\n<\/li>\n<\/ol>\n<\/li>\n<li>On Windows machine, <a href=\"https:\/\/www.fortinet.com\/products\/endpoint-security\/forticlient\">download FortiClient from Fortinet<\/a>. Install the FortiClient and configure IPsec as set in the previous steps. Your remote Gateway IP should be the Port1 IP address.<br \/>\n<figure id=\"attachment_114\" aria-describedby=\"caption-attachment-114\" style=\"width: 1287px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-114 size-full\" style=\"text-align: initial; font-size: 14pt;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-10-.png\" alt=\"Download FortiClient from https:\/\/www.forticlient.com\/downloads Install the Forti Client and configure IPSEC as set in the previous steps\" width=\"1287\" height=\"718\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-10-.png 1287w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-10--300x167.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-10--1024x571.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-10--768x428.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-10--65x36.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-10--225x126.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-10--350x195.png 350w\" sizes=\"auto, (max-width: 1287px) 100vw, 1287px\" \/><figcaption id=\"caption-attachment-114\" class=\"wp-caption-text\">Figure 4.19: Install FortiClient on Windows<\/figcaption><\/figure>\n<\/li>\n<li>\n<figure id=\"attachment_115\" aria-describedby=\"caption-attachment-115\" style=\"width: 450px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-115\" style=\"font-size: 18.6667px;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-12-.png\" alt=\"Configure VPN in FortiClient\" width=\"450\" height=\"292\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-12-.png 1102w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-12--300x195.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-12--1024x665.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-12--768x499.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-12--65x42.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-12--225x146.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-12--350x227.png 350w\" sizes=\"auto, (max-width: 450px) 100vw, 450px\" \/><figcaption id=\"caption-attachment-115\" class=\"wp-caption-text\">Figure 4.20: Configure VPN in FortiClient<\/figcaption><\/figure>\n<\/li>\n<li>\n<figure id=\"attachment_116\" aria-describedby=\"caption-attachment-116\" style=\"width: 450px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-116\" style=\"font-size: 18.6667px;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-11-.png\" alt=\"Accept FortiClient Free License\" width=\"450\" height=\"295\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-11-.png 1099w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-11--300x197.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-11--1024x672.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-11--768x504.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-11--65x43.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-11--225x148.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-11--350x230.png 350w\" sizes=\"auto, (max-width: 450px) 100vw, 450px\" \/><figcaption id=\"caption-attachment-116\" class=\"wp-caption-text\">Figure 4.21: Accept FortiClient Free Licence<\/figcaption><\/figure>\n<\/li>\n<li>\n<figure id=\"attachment_117\" aria-describedby=\"caption-attachment-117\" style=\"width: 1279px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-117 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-13-.png\" alt=\"Port1 IP Address\" width=\"1279\" height=\"714\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-13-.png 1279w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-13--300x167.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-13--1024x572.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-13--768x429.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-13--65x36.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-13--225x126.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-13--350x195.png 350w\" sizes=\"auto, (max-width: 1279px) 100vw, 1279px\" \/><figcaption id=\"caption-attachment-117\" class=\"wp-caption-text\">Figure 4.22: Port1 IP Address<\/figcaption><\/figure>\n<\/li>\n<li>\n<figure id=\"attachment_118\" aria-describedby=\"caption-attachment-118\" style=\"width: 1101px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-118 size-full\" style=\"text-align: initial; font-size: 14pt;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-14-.png\" alt=\"Configure FortiClient Remote Gateway and Pre-shared key\" width=\"1101\" height=\"720\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-14-.png 1101w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-14--300x196.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-14--1024x670.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-14--768x502.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-14--65x43.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-14--225x147.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-14--350x229.png 350w\" sizes=\"auto, (max-width: 1101px) 100vw, 1101px\" \/><figcaption id=\"caption-attachment-118\" class=\"wp-caption-text\">Figure 4.23: Configure FortiClient Remote Gateway and Pre-shared key<\/figcaption><\/figure>\n<\/li>\n<li>You should be able to ping from Windows to VPC.<br \/>\n<figure id=\"attachment_119\" aria-describedby=\"caption-attachment-119\" style=\"width: 1280px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-119 size-full\" style=\"text-align: initial; font-size: 14pt;\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-15.png\" alt=\"You should be to ping from windows to VPC.\" width=\"1280\" height=\"715\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-15.png 1280w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-15-300x168.png 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-15-1024x572.png 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-15-768x429.png 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-15-65x36.png 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-15-225x126.png 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/Windows-Machine-15-350x196.png 350w\" sizes=\"auto, (max-width: 1280px) 100vw, 1280px\" \/><figcaption id=\"caption-attachment-119\" class=\"wp-caption-text\">Figure 4.24: Verify configuration<\/figcaption><\/figure>\n<\/li>\n<\/ol>\n<h2>Site-to-Site VPN (IPsec VPN)<\/h2>\n<div class=\"textbox shaded\"><strong>Scenario: <\/strong>We are going to have IPsec VPN from WebTerm1 to WebTerm2. First, we are going to configure both firewalls through IPsec VPN Wizards and then we will verify connectivity from WebTerm1 to WebTerm2.<\/div>\n<figure id=\"attachment_121\" aria-describedby=\"caption-attachment-121\" style=\"width: 1075px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-120 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/3-1.jpg\" alt=\"main scenario\" width=\"1075\" height=\"415\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/3-1.jpg 1075w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/3-1-300x116.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/3-1-1024x395.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/3-1-768x296.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/3-1-65x25.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/3-1-225x87.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/3-1-350x135.jpg 350w\" sizes=\"auto, (max-width: 1075px) 100vw, 1075px\" \/><figcaption id=\"caption-attachment-121\" class=\"wp-caption-text\">Figure 4.25: Main scenario<\/figcaption><\/figure>\n<p>To validate Firewalls licences, we are going to connect them to the Internet.<\/p>\n<figure id=\"attachment_121\" aria-describedby=\"caption-attachment-121\" style=\"width: 1054px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-121 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/4-2.jpg\" alt=\"Validate firewall licenses\" width=\"1054\" height=\"648\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-2.jpg 1054w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-2-300x184.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-2-1024x630.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-2-768x472.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-2-65x40.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-2-225x138.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-2-350x215.jpg 350w\" sizes=\"auto, (max-width: 1054px) 100vw, 1054px\" \/><figcaption id=\"caption-attachment-121\" class=\"wp-caption-text\">Figure 4.26: Validate firewall licences<\/figcaption><\/figure>\n<div style=\"text-align: left;\">\n<table class=\"aligncenter\" style=\"width: 100%;\">\n<caption>Table 4.2: Devices configuration<\/caption>\n<tbody>\n<tr style=\"height: 18px;\">\n<th style=\"width: 118px; height: 18px;\" scope=\"col\">Device<\/th>\n<th style=\"width: 165px; height: 18px;\" scope=\"col\">IP address<\/th>\n<th style=\"width: 213px; height: 18px;\" scope=\"col\">Access<\/th>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 118px; height: 18px;\">Fortigate1<\/td>\n<td style=\"width: 165px; height: 18px;\">10.10.10.1\/24<\/td>\n<td style=\"width: 213px; height: 18px;\">ICMP-HTTP-HTTPS<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 118px; height: 18px;\">Fortigate2<\/td>\n<td style=\"width: 165px; height: 18px;\">10.10.10.2\/24<\/td>\n<td style=\"width: 213px; height: 18px;\">ICMP-HTTP-HTTPS<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 118px; height: 18px;\">WebTerm1<\/td>\n<td style=\"width: 165px; height: 18px;\">192.168.20.2\/24<\/td>\n<td style=\"width: 213px; height: 18px;\">&#8211;<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 118px; height: 18px;\">WebTerm2<\/td>\n<td style=\"width: 165px; height: 18px;\">192.168.10.2\/24<\/td>\n<td style=\"width: 213px; height: 18px;\">&#8211;<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<ol>\n<li>On the FG1, go to\u00a0<strong>VPN &gt; IPsec Wizard<\/strong> and select Site to Site \u2013 FortiGate.<br \/>\n<figure id=\"attachment_122\" aria-describedby=\"caption-attachment-122\" style=\"width: 1133px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-122 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/5-1.jpg\" alt=\"\" width=\"1133\" height=\"557\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/5-1.jpg 1133w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/5-1-300x147.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/5-1-1024x503.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/5-1-768x378.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/5-1-65x32.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/5-1-225x111.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/5-1-350x172.jpg 350w\" sizes=\"auto, (max-width: 1133px) 100vw, 1133px\" \/><figcaption id=\"caption-attachment-122\" class=\"wp-caption-text\">Figure 4.27: VPN Setup<\/figcaption><\/figure>\n<\/li>\n<li>Select <strong>Site2Site\/ FortiGate \/No Nat. <\/strong>Enter Remote IP: <strong>10.10.10.2\/24<\/strong>, outgoing interface: <strong>port3<\/strong>.<br \/>\n<figure id=\"attachment_123\" aria-describedby=\"caption-attachment-123\" style=\"width: 1133px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-123 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/6-2.jpg\" alt=\"Select Site2Site\/ FortiGate \/No Nat\" width=\"1133\" height=\"569\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/6-2.jpg 1133w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/6-2-300x151.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/6-2-1024x514.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/6-2-768x386.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/6-2-65x33.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/6-2-225x113.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/6-2-350x176.jpg 350w\" sizes=\"auto, (max-width: 1133px) 100vw, 1133px\" \/><figcaption id=\"caption-attachment-123\" class=\"wp-caption-text\">Figure 4.28: Authentication<\/figcaption><\/figure>\n<\/li>\n<li>Local Interface: port2, IP: <strong>192.168.20.0\/24<\/strong>, Remote subnet: <strong>192.168.10.0\/24<\/strong>. Through the wizard, FortiGate creates two policies and two static routes in the firewall.<br \/>\n<figure id=\"attachment_124\" aria-describedby=\"caption-attachment-124\" style=\"width: 1152px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-124 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/7.jpg\" alt=\"Local Interface: port2 \u00a0 IP: 192.168.20.0\/24, Remote subnet: 192.168.10.0\/24\" width=\"1152\" height=\"620\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/7.jpg 1152w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/7-300x161.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/7-1024x551.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/7-768x413.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/7-65x35.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/7-225x121.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/7-350x188.jpg 350w\" sizes=\"auto, (max-width: 1152px) 100vw, 1152px\" \/><figcaption id=\"caption-attachment-124\" class=\"wp-caption-text\">Figure 4.29: Policy &amp; Routing<\/figcaption><\/figure>\n<\/li>\n<li>On the FG2, go to <strong>VPN &gt; IPsec Wizard<\/strong> and select Site-to-Site \u2013 FortiGate.<br \/>\n<figure id=\"attachment_125\" aria-describedby=\"caption-attachment-125\" style=\"width: 1104px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-125 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/8-1.jpg\" alt=\"\" width=\"1104\" height=\"643\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/8-1.jpg 1104w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/8-1-300x175.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/8-1-1024x596.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/8-1-768x447.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/8-1-65x38.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/8-1-225x131.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/8-1-350x204.jpg 350w\" sizes=\"auto, (max-width: 1104px) 100vw, 1104px\" \/><figcaption id=\"caption-attachment-125\" class=\"wp-caption-text\">Figure 4.30: Set up FG2<\/figcaption><\/figure>\n<\/li>\n<li>Do the same configuration for FG2 (remote IP is 10.10.10.1\/24 and local IP is 192.168.10.0\/24).<br \/>\n<figure id=\"attachment_126\" aria-describedby=\"caption-attachment-126\" style=\"width: 1121px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-126 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/9-1.jpg\" alt=\"(remote IP is 10.10.10.1\/24 and local IP is 192.168.10.0\/24)\" width=\"1121\" height=\"602\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/9-1.jpg 1121w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/9-1-300x161.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/9-1-1024x550.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/9-1-768x412.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/9-1-65x35.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/9-1-225x121.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/9-1-350x188.jpg 350w\" sizes=\"auto, (max-width: 1121px) 100vw, 1121px\" \/><figcaption id=\"caption-attachment-126\" class=\"wp-caption-text\">Figure 4.31: Authentication in FG2<\/figcaption><\/figure>\n<\/li>\n<li>\n<figure id=\"attachment_127\" aria-describedby=\"caption-attachment-127\" style=\"width: 1079px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-127 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/10-1.jpg\" alt=\"Step 6- Policy &amp; Routing in FG2\" width=\"1079\" height=\"639\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-1.jpg 1079w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-1-300x178.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-1-1024x606.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-1-768x455.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-1-65x38.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-1-225x133.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-1-350x207.jpg 350w\" sizes=\"auto, (max-width: 1079px) 100vw, 1079px\" \/><figcaption id=\"caption-attachment-127\" class=\"wp-caption-text\">Figure 4.32: Policy &amp; Routing in FG2<\/figcaption><\/figure>\n<\/li>\n<li>\n<figure id=\"attachment_130\" aria-describedby=\"caption-attachment-130\" style=\"width: 1219px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-128 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/11-1.jpg\" alt=\"Configure IPsec Tunnels\" width=\"1219\" height=\"268\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-1.jpg 1219w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-1-300x66.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-1-1024x225.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-1-768x169.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-1-65x14.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-1-225x49.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-1-350x77.jpg 350w\" sizes=\"auto, (max-width: 1219px) 100vw, 1219px\" \/><figcaption id=\"caption-attachment-130\" class=\"wp-caption-text\">Figure 4.33: Configure IPsec Tunnels<\/figcaption><\/figure>\n<p>Then, go to your IPsec Tunnels and double click on Inactive.<\/p>\n<p>On the next windows, right click on the <strong>tunnel<\/strong> &gt; <strong>Bring UP<\/strong> &gt; <strong>All Phase 2 selectors<\/strong>. Then, your tunnel should be up!<\/p>\n<figure id=\"attachment_130\" aria-describedby=\"caption-attachment-130\" style=\"width: 1186px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-129 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/12.jpg\" alt=\"Bring up IPsec Tunnel\" width=\"1186\" height=\"577\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12.jpg 1186w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-300x146.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1024x498.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-768x374.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-65x32.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-225x109.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-350x170.jpg 350w\" sizes=\"auto, (max-width: 1186px) 100vw, 1186px\" \/><figcaption id=\"caption-attachment-130\" class=\"wp-caption-text\">Figure 4.34: Bring up IPsec Tunnel<\/figcaption><\/figure>\n<figure id=\"attachment_130\" aria-describedby=\"caption-attachment-130\" style=\"width: 1266px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-130 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1.jpg\" alt=\"Verify the status of the tunnel\" width=\"1266\" height=\"457\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1.jpg 1266w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-300x108.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-1024x370.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-768x277.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-65x23.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-225x81.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-350x126.jpg 350w\" sizes=\"auto, (max-width: 1266px) 100vw, 1266px\" \/><figcaption id=\"caption-attachment-130\" class=\"wp-caption-text\">Figure 4.35: Verify the status of the tunnel<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Logs &amp; Reports<\/strong> &gt; <strong>Event<\/strong> &gt; <strong>VPN Event<\/strong> and verify your configuration.<br \/>\n<figure id=\"attachment_132\" aria-describedby=\"caption-attachment-132\" style=\"width: 1233px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-131 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/ScreenShot00099-1.jpg\" alt=\"\" width=\"1233\" height=\"742\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/ScreenShot00099-1.jpg 1233w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/ScreenShot00099-1-300x181.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/ScreenShot00099-1-1024x616.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/ScreenShot00099-1-768x462.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/ScreenShot00099-1-65x39.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/ScreenShot00099-1-225x135.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/ScreenShot00099-1-350x211.jpg 350w\" sizes=\"auto, (max-width: 1233px) 100vw, 1233px\" \/><figcaption id=\"caption-attachment-132\" class=\"wp-caption-text\">Figure 4.36: Verify configuration<\/figcaption><\/figure>\n<p>You should be able to ping from WebTerm1 to WebTerm2.<\/p>\n<figure id=\"attachment_132\" aria-describedby=\"caption-attachment-132\" style=\"width: 800px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-132 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1.jpg\" alt=\"You should be able to ping from WebTerm 1 to WebTerm 2\" width=\"800\" height=\"509\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1.jpg 800w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-300x191.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-768x489.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-65x41.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-225x143.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-350x223.jpg 350w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><figcaption id=\"caption-attachment-132\" class=\"wp-caption-text\">Figure 4.37: Verify configuration<\/figcaption><\/figure>\n<\/li>\n<\/ol>\n","protected":false},"author":124,"menu_order":4,"template":"","meta":{"pb_show_title":"on","pb_short_title":"","pb_subtitle":"","pb_authors":[],"pb_section_license":""},"chapter-type":[],"contributor":[],"license":[],"class_list":["post-133","chapter","type-chapter","status-publish","hentry"],"part":95,"_links":{"self":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/133","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters"}],"about":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/types\/chapter"}],"author":[{"embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/users\/124"}],"version-history":[{"count":1,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/133\/revisions"}],"predecessor-version":[{"id":134,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/133\/revisions\/134"}],"part":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/parts\/95"}],"metadata":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/133\/metadata\/"}],"wp:attachment":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/media?parent=133"}],"wp:term":[{"taxonomy":"chapter-type","embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapter-type?post=133"},{"taxonomy":"contributor","embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/contributor?post=133"},{"taxonomy":"license","embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/license?post=133"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}