

In this guide, we will learn how to set up an IPsec site-to-site VPN between FortiGate and SonicWall devices. In this way, we can use both devices to connect two branches or locations. I assume that there are two different IP subnets available at both locations. This demonstration was done with the FortiOS 5.2 and SonicOS 6.1.2 versions. While reading this guide, there could be a new OS from both vendors that will have a different GUI and screens. But fundamentally, the main steps remain the same.

You will find similar settings/screens with the new OS as well. A few online guides and Q&As helped me to set up the IPsec site-to-site VPN between these two devices successfully. Luckily, both locations had static (fixed) public internet IPs. If that is not the case for you, you need to use dynamic DNS to resolve the IPs and make the connection. But it is always recommended to have a static IP at your head office, which acts as a hub in the VPN network. I explained the steps clearly without complicating the below example. To configure DynDNS in FortiOS 5.0 and later versions, please refer to this guide at Sysprobs. To configure DynDNS in SonicWall, this post would be helpful.

The Scenario

I did this demonstration of setting up a VPN between SonicWall and FortiGate on the SonicWall NSA 2600 model and FortiGate 110C hardware devices. The head office has IP subnet 10.10.11.0/24 with the FortiGate device and the branch has 192.168.100.0/24 with the SonicWall. So the branch computers with IP range 192.168.100.0/24 will access servers in 10.10.11.0/24 and vice versa. The below basic diagram can explain more to understand the VPN settings and configurations in the next steps.

2) Create an IPsec VPN tunnel and select ‘Custom VPN Tunnel’ with a name for the VPN tunnel. Select the destination (in this case, it is the SonicWall) IP or DynDNS name. Select the WAN interface which is connected to the internet for VPN connectivity; in my case it is WAN1. Other settings remain the same as shown below.

3) Enter the preshared key (like a password), which needs to be entered in the SonicWall device to create the site-to-site VPN between these two devices. Select the ‘Main’ mode for VPN connectivity.

4) The Phase 1 proposal is important. By default, FortiOS comes with a few encryption proposals. Remove all encryption and authentication settings. Select only 3DES and SHA1 as shown below. We will be using these exact settings in the SonicWall firewall.

5) Phase 2 settings are also important while setting up the VPN. Select the Local network and Remote address (the branch network address we created in step 1). The encryption settings should be only 3DES and SHA1. Untick ‘Enable Replay Detection’ and ‘PFS’ as below. Make sure other settings remain the same.

Basically, we have created the site-to-site VPN tunnel in the FortiGate device. Since I’m not mentioning all steps here, note that we also have to create a firewall policy for incoming and outgoing traffic through the VPN tunnel.
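The FortiGate side of steps 2 to 5, written as FortiOS CLI, as an added example that is not part of the original guide. The tunnel names, the 203.0.113.10 peer address and the key placeholder are assumptions; the commented lines show stronger values that only work if the SonicWall side is changed to match.

```fortios
# Added example: CLI form of the GUI steps in this guide (FortiOS 5.2 syntax).
# "to-sonicwall" and "to-sonicwall-p2" are hypothetical names.
# 203.0.113.10 is a placeholder for the SonicWall public IP.

config vpn ipsec phase1-interface
    edit "to-sonicwall"
        # Step 2: WAN interface and remote gateway
        set interface "wan1"
        set remote-gw 203.0.113.10
        # Step 3: preshared key and Main mode
        set mode main
        set psksecret <PRESHARED-KEY>
        # Step 4: only 3DES/SHA1, as the guide selects
        set proposal 3des-sha1
        # Stronger alternative, if the SonicWall proposal is changed to match:
        # set proposal aes256-sha256
        # set dhgrp 14
        # The guide does not state a DH group; it must be the same on both peers.
    next
end

config vpn ipsec phase2-interface
    edit "to-sonicwall-p2"
        set phase1name "to-sonicwall"
        # Step 5: local (head office) and remote (branch) networks
        set src-subnet 10.10.11.0 255.255.255.0
        set dst-subnet 192.168.100.0 255.255.255.0
        # Step 5: only 3DES/SHA1, replay detection and PFS unticked
        set proposal 3des-sha1
        set pfs disable
        set replay disable
        # Stronger alternative, if the SonicWall side is changed to match:
        # set proposal aes256-sha256
        # set pfs enable
        # set replay enable
    next
end
```

The firewall policies for traffic through the tunnel, which the guide mentions, still have to be created separately.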
