Fortinet 50A Network Card User Manual


  Open as PDF
of 272
 
Contents
FortiGate-50A Installation and Configuration Guide 9
AutoIKE IPSec VPNs...................................................................................................... 182
General configuration steps for an AutoIKE VPN ....................................................... 183
Adding a phase 1 configuration for an AutoIKE VPN.................................................. 183
Adding a phase 2 configuration for an AutoIKE VPN.................................................. 188
Managing digital certificates............................................................................................ 190
Obtaining a signed local certificate ............................................................................. 190
Obtaining CA certificates ............................................................................................ 192
Configuring encrypt policies............................................................................................ 193
Adding a source address ............................................................................................ 194
Adding a destination address...................................................................................... 194
Adding an encrypt policy............................................................................................. 195
IPSec VPN concentrators ............................................................................................... 196
VPN concentrator (hub) general configuration steps .................................................. 197
Adding a VPN concentrator ........................................................................................ 198
VPN spoke general configuration steps...................................................................... 199
Monitoring and Troubleshooting VPNs ........................................................................... 201
Viewing VPN tunnel status.......................................................................................... 201
Viewing dialup VPN connection status ....................................................................... 201
Testing a VPN............................................................................................................. 202
PPTP and L2TP VPN .......................................................................................... 203
Configuring PPTP ........................................................................................................... 203
Configuring the FortiGate unit as a PPTP gateway .................................................... 203
Configuring a Windows 98 client for PPTP ................................................................. 206
Configuring a Windows 2000 client for PPTP ............................................................. 207
Configuring a Windows XP client for PPTP ................................................................ 207
Configuring L2TP............................................................................................................ 209
Configuring the FortiGate unit as an L2TP gateway ................................................... 209
Configuring a Windows 2000 client for L2TP.............................................................. 211
Configuring a Windows XP client for L2TP ................................................................. 213
Network Intrusion Detection System (NIDS) ................................................... 215
Detecting attacks ............................................................................................................ 215
Selecting the interfaces to monitor.............................................................................. 216
Disabling monitoring interfaces................................................................................... 216
Configuring checksum verification .............................................................................. 216
Viewing the signature list ............................................................................................ 217
Viewing attack descriptions......................................................................................... 217
Disabling NIDS attack signatures ............................................................................... 218
Adding user-defined signatures .................................................................................. 218
Preventing attacks .......................................................................................................... 220
Enabling NIDS attack prevention ................................................................................ 220
Enabling NIDS attack prevention signatures .............................................................. 220
Setting signature threshold values.............................................................................. 221
 previous next