Bienvenue sur Scribd !

Basic Firewall Configuration - Fortigate To Mikrotik Ipsec VPN

Transféré par

0% ont trouvé ce document utile (0 vote)

874 vues5 pages

This document provides configuration steps to create an IPsec VPN tunnel between a FortiGate firewall and MikroTik device. It outlines the network diagram, phase 1 and phase 2 configurations on the FortiGate including pre-shared key, firewall policies and static route to allow communication between the 10.0.1.0/24 and 10.0.2.0/24 networks across the VPN tunnel. It also describes basic phase 1, phase 2 and DH group configurations required on the MikroTik side and confirms establishment of the VPN connection.

Description originale:

Mikrotik

Titre original

Mikrotik

Copyright

Formats disponibles

DOCX, PDF, TXT ou lisez en ligne sur Scribd

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Signaler ce document

Droits d'auteur :

Formats disponibles

Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd

Signaler comme contenu inapproprié

0% ont trouvé ce document utile (0 vote)

874 vues5 pages

Basic Firewall Configuration - Fortigate To Mikrotik Ipsec VPN

Transféré par

Leocadio Fazolari

Droits d'auteur :

Formats disponibles

Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd

Signaler comme contenu inapproprié

Passer à la page

Vous êtes sur la page 1sur 5

Rechercher à l'intérieur du document

Basic Firewall Configuration –

FortiGate to MikroTik IPsec VPN

Purpose of this document
Configuration steps in order to create a IPsec VPN Tunnel between a FortiGate Firewall and MikroTik device.

Devices used in this configuration

 Fortigate VM version 5.2.1
 MikroTik VM Version 5.20

Network Diagram
10.200.1.1/24 10.200.3.1/24

WWW

10.0.1.0/24 10.0.2.0/24
FortiGate Configuration
Phase 1 Configuration
Config vpn ipsec phase1-interface
Edit “Mikrotik”
Set interface “port1”
Set proposal 3des-sha1
Set dhgrp 2
Set remote-gw 10.200.3.1
Set pksecret <PSK>
Next
End

Phase 2 Configuration
Config vpn ipsec phase2-interface
Edit “Private IP”
Set phase1name “Mikrotik”
Set proposal 3des-sha1
Set dhgrp 2
Set keylife seconds 1800
Set src-subnet 10.0.1.0 255.255.255.0
Set dst-subnet 10.0.2.0 255.2555.255.0
Next
End

Firewall Policies
LAN to Remote

Edit 1
Set srcintf “port3”
Set dstintf “Mikrotik”
Set srcaddr “10.0.1.0/24”
Set dstaddr “10.0.2.0/24”
Set action accept
Set schedule “always”
Set service “ALL”
Set logtraffic all
Next

Remote to LAN

Edit 2
Set srcintf “Mikrotik”
Set dstintf “port3”
Set srcaddr “10.0.2.0/24”
Set dstaddr “10.0.1.0/24”
Set action accept
Set schedule “always”
Set service “ALL”
Set logtraffic all
Next
Static Route
Config router static
Edit 1
Set dst 10.0.2.0 255.255.255.0
Set device “Mikrotik”
Next
End

Confirmation of VPN Status

MikroTik Configuration
Phase 1

Phase 2
DH selection - Proposal

MikroTik DH Groups (PFS Group)

Confirmation of VPN Status

Vous aimerez peut-être aussi

Mikrotik Router Configuration With Block Virus Ports by Umair
Document17 pages
Mikrotik Router Configuration With Block Virus Ports by Umair
Umair Saeed
Pas encore d'évaluation
CCNA 200-301 - Lab-21 NAT-Overload v1.0
Document9 pages
CCNA 200-301 - Lab-21 NAT-Overload v1.0
Anoop Kumar
Pas encore d'évaluation
JDSU Poster
Document1 page
JDSU Poster
rohitkamahi
Pas encore d'évaluation
Mikrotik PDF
Document337 pages
Mikrotik PDF
dika8
Pas encore d'évaluation
Hands On Skills Exam - CCNAv7 ENSA Skills Assessment (Answers)
Document17 pages
Hands On Skills Exam - CCNAv7 ENSA Skills Assessment (Answers)
Reg Ndhlovu
Pas encore d'évaluation
Fortinet - Selftestengine.nse4 FGT 72.actual - Test.2024 Feb 06.by - Harold.52q.vce
Document7 pages
Fortinet - Selftestengine.nse4 FGT 72.actual - Test.2024 Feb 06.by - Harold.52q.vce
Saeed Nashar
Pas encore d'évaluation
Mikrotik Hotspot
Document39 pages
Mikrotik Hotspot
calinp72
Pas encore d'évaluation
EVPN for VXLAN The Ultimate Step-By-Step Guide
D'Everand
EVPN for VXLAN The Ultimate Step-By-Step Guide
Gerardus Blokdyk
Pas encore d'évaluation
Program Labs For Beginners-Mikrotik
Document4 pages
Program Labs For Beginners-Mikrotik
poliboludito
Pas encore d'évaluation
Purpose: See Graphically Mikrotik Behavior at Different Burst Value Settings
Document6 pages
Purpose: See Graphically Mikrotik Behavior at Different Burst Value Settings
Ajegile Gileaje
Pas encore d'évaluation
DMVPN: Dynamic Multipoint (DMVPN) VPN Overview
Document30 pages
DMVPN: Dynamic Multipoint (DMVPN) VPN Overview
moama
Pas encore d'évaluation
Step-by-Step Configuration of Cisco Routers: Step1: Configure Access Passwords
Document7 pages
Step-by-Step Configuration of Cisco Routers: Step1: Configure Access Passwords
LeworkDagne
100% (1)
Nokia Network Security Solutions Handbook
D'Everand
Nokia Network Security Solutions Handbook
Syngress
Pas encore d'évaluation
IKE
Document167 pages
IKE
Fernanda Adhipramana
Pas encore d'évaluation
Mikrotik Firewall Training PDF
Document39 pages
Mikrotik Firewall Training PDF
Vichet Heng
50% (2)
BGP Basic Labs
Document77 pages
BGP Basic Labs
baraynavab
100% (2)
CCNA 2 v7 Modules 7 - 9 - Available and Reliable Networks Exam Answers
Document41 pages
CCNA 2 v7 Modules 7 - 9 - Available and Reliable Networks Exam Answers
Brali Dioulson Nguema
Pas encore d'évaluation
Mikrotik VPN
Document53 pages
Mikrotik VPN
Edy Setiadji Susanto
0% (1)
Sample Test MTCNA 100 PDF
Document3 pages
Sample Test MTCNA 100 PDF
james
Pas encore d'évaluation
Cisco FTD FMC Routed Mode Lab Configuration
Document14 pages
Cisco FTD FMC Routed Mode Lab Configuration
Jorge Brandão
Pas encore d'évaluation
Basic Configuration With Mikrotik Cli: Bdnog11
Document25 pages
Basic Configuration With Mikrotik Cli: Bdnog11
Cristopher Alejandro Torres Montepeque
Pas encore d'évaluation
Mikrotik Router Configuration - Mikrotik To CISCO ASA IPSec Site To Site VPN Tunnel Configuration
Document6 pages
Mikrotik Router Configuration - Mikrotik To CISCO ASA IPSec Site To Site VPN Tunnel Configuration
Ardhian Inaroka
Pas encore d'évaluation
Ccnav7 Ensa Skills Assessment: Topology
Document8 pages
Ccnav7 Ensa Skills Assessment: Topology
Esdras Djaffary
Pas encore d'évaluation
H12-211-Enu V14.02 PDF
Document194 pages
H12-211-Enu V14.02 PDF
almamydiakho
0% (1)
CCNA Questions
Document29 pages
CCNA Questions
felipemunozmora
Pas encore d'évaluation
9.3.1.2 CCNA Skills Integration Challenge
Document7 pages
9.3.1.2 CCNA Skills Integration Challenge
CristianFelipeSolarteOrozco
100% (1)
Manual Mikrotik
Document88 pages
Manual Mikrotik
FABRIZIO MERINO
Pas encore d'évaluation
MikroTik Q-in-Q
Document26 pages
MikroTik Q-in-Q
Mory Diakite
Pas encore d'évaluation
Winbox
Document6 pages
Winbox
Fatjon Arapi
Pas encore d'évaluation
BDCOM NMS Installation
Document7 pages
BDCOM NMS Installation
Ingeniero Soporteea
Pas encore d'évaluation
48TMSS06R1 Medium Density Fiber Optic System
Document55 pages
48TMSS06R1 Medium Density Fiber Optic System
Mohamed Nasr
Pas encore d'évaluation
Mtctce PDF
Document1 page
Mtctce PDF
Álvaro Durán
Pas encore d'évaluation
Website: VCE To PDF Converter: Facebook: Twitter:: Number: H12-711 Passing Score: 800 Time Limit: 120 Min
Document18 pages
Website: VCE To PDF Converter: Facebook: Twitter:: Number: H12-711 Passing Score: 800 Time Limit: 120 Min
Ict lab
Pas encore d'évaluation
New Dumps Minh Duc Final PDF
Document29 pages
New Dumps Minh Duc Final PDF
phuongnt1710
Pas encore d'évaluation
Mtcre PDF
Document16 pages
Mtcre PDF
Guilherme Leardini
0% (1)
Mikrotik Script and Scheduler
Document2 pages
Mikrotik Script and Scheduler
Oki
Pas encore d'évaluation
ASR9000xr Understanding SNMP and Troubleshooting
Document56 pages
ASR9000xr Understanding SNMP and Troubleshooting
Dharmendra
Pas encore d'évaluation
03-LinkProof Tech Training
Document87 pages
03-LinkProof Tech Training
Maria_Martinez_7023
Pas encore d'évaluation
HP Procurve Cli Cheatsheet
Document1 page
HP Procurve Cli Cheatsheet
Paul1100
Pas encore d'évaluation
Configure Simple IPSEC Site To Site VPN in Cisco Routers Using GNS3
Document7 pages
Configure Simple IPSEC Site To Site VPN in Cisco Routers Using GNS3
Anonymous ovq7UE2Wz
Pas encore d'évaluation
CLI Commands CCNA2
Document12 pages
CLI Commands CCNA2
Vilas Shah
Pas encore d'évaluation
CCNA 1 - OSI Model and Application Layer
Document39 pages
CCNA 1 - OSI Model and Application Layer
John Blackwood
Pas encore d'évaluation
Chapter6-SNMP-V3 - V2 - V1 Network Management
Document21 pages
Chapter6-SNMP-V3 - V2 - V1 Network Management
94aku
Pas encore d'évaluation
Mikrotik IPSec VPN FailOver Script
Document1 page
Mikrotik IPSec VPN FailOver Script
Sarwar Murshed
Pas encore d'évaluation
Forensic Challenge 2010 - Challenge - 2 - Solution
Document43 pages
Forensic Challenge 2010 - Challenge - 2 - Solution
Mehdi Sfar
100% (1)
Lab 6
Document2 pages
Lab 6
Narayan Mundhra
Pas encore d'évaluation
CCNA 200-301 - Lab-34 DHCP Snooping v1.0
Document9 pages
CCNA 200-301 - Lab-34 DHCP Snooping v1.0
stralone
Pas encore d'évaluation
Dos Attack Mikrotik
Document3 pages
Dos Attack Mikrotik
Paul Cole
Pas encore d'évaluation
PPPOE Vlan
Document18 pages
PPPOE Vlan
Amir Kroparo
Pas encore d'évaluation
GPON Configuration Guide Example
Document19 pages
GPON Configuration Guide Example
devsa ity
Pas encore d'évaluation
Ethernet Based ISP Mikrotik Step by Step Configuration Under 5 Minutes
Document17 pages
Ethernet Based ISP Mikrotik Step by Step Configuration Under 5 Minutes
voterdeskjaioa
50% (2)
H12-211 Answer y Question
Document12 pages
H12-211 Answer y Question
Din Cessare
Pas encore d'évaluation
Exam Hcpa-2020
Document19 pages
Exam Hcpa-2020
Mitra Sistematik
Pas encore d'évaluation
Mastering Netscaler VPX TM - Sample Chapter
Document39 pages
Mastering Netscaler VPX TM - Sample Chapter
Packt Publishing
Pas encore d'évaluation
TACACS
Document13 pages
TACACS
Ridho Pratama
Pas encore d'évaluation
TCP and UDP Communications
Document9 pages
TCP and UDP Communications
gayu
Pas encore d'évaluation
9.2.1.11 Packet Tracer - Configuring Named Standard ACLs Instructions IG - Alexis Pedroza
Document10 pages
9.2.1.11 Packet Tracer - Configuring Named Standard ACLs Instructions IG - Alexis Pedroza
alexis pedroza
Pas encore d'évaluation
CCNA Study Summary
Document15 pages
CCNA Study Summary
Jaimal Singh Jaimal
Pas encore d'évaluation
DHCP and NAT - Knowledge Base
Document6 pages
DHCP and NAT - Knowledge Base
Hasib Hamidul Haque
Pas encore d'évaluation
HCIP-Routing & Switching-IEEP V2.5 Exam Outline
Document3 pages
HCIP-Routing & Switching-IEEP V2.5 Exam Outline
Sisay Desalegn
Pas encore d'évaluation
Cisco UCCX A Clear and Concise Reference
D'Everand
Cisco UCCX A Clear and Concise Reference
Gerardus Blokdyk
Pas encore d'évaluation
Cisco Prime A Complete Guide - 2020 Edition
D'Everand
Cisco Prime A Complete Guide - 2020 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Pi On Network: Abhishek Kumar Srivastava Asst. Professor
Document23 pages
Pi On Network: Abhishek Kumar Srivastava Asst. Professor
Abhishek
Pas encore d'évaluation
Data Sheet H4W2PER2 PDF
Document2 pages
Data Sheet H4W2PER2 PDF
tushardudhwade
Pas encore d'évaluation
Window
Document8 pages
Window
karata96
Pas encore d'évaluation
Ethernet For Dummies PDF
Document2 pages
Ethernet For Dummies PDF
Larry
100% (1)
Lecture PPT - IP Address and Its Types v2.2
Document11 pages
Lecture PPT - IP Address and Its Types v2.2
Ayeyie Amankwah Andoh
Pas encore d'évaluation
MCITP Syllabus
Document4 pages
MCITP Syllabus
Parvez2z
Pas encore d'évaluation
Teltonika LTE Modem
Document2 pages
Teltonika LTE Modem
Ryan Tay
Pas encore d'évaluation
Wireless LAN CTRL Config Guide
Document1 060 pages
Wireless LAN CTRL Config Guide
Sasa Boskovic
Pas encore d'évaluation
Basic Information On Active Directory, DNS, DHCP, RAID
Document4 pages
Basic Information On Active Directory, DNS, DHCP, RAID
vibhat
Pas encore d'évaluation
Ftbx-88260 Report: Job Information
Document22 pages
Ftbx-88260 Report: Job Information
detek k
Pas encore d'évaluation
Optiswitch 906G Series - Converged L2 & L3 Service Demarcation
Document4 pages
Optiswitch 906G Series - Converged L2 & L3 Service Demarcation
Venkata Krishna
Pas encore d'évaluation
Chapter 4 V7.01 Agpreparar
Document76 pages
Chapter 4 V7.01 Agpreparar
Carlos Eduardo Garcia
Pas encore d'évaluation
Model: Ct-E351Et Ethernet Interface Function Manual
Document16 pages
Model: Ct-E351Et Ethernet Interface Function Manual
mahdi elmay
Pas encore d'évaluation
DS-A10 Networks Thunder 1030S
Document2 pages
DS-A10 Networks Thunder 1030S
Min Htut Nyein
Pas encore d'évaluation
Manual of EX-9132
Document40 pages
Manual of EX-9132
Magicomputo Mg
Pas encore d'évaluation
FW3005 19.0v1 Connecting Sites With Sophos Firewall
Document8 pages
FW3005 19.0v1 Connecting Sites With Sophos Firewall
André Moura
Pas encore d'évaluation
BCS 052
Document2 pages
BCS 052
Mark Prest
Pas encore d'évaluation
134 - CS8591, CS6551 Computer Networks - Question Bank
Document10 pages
134 - CS8591, CS6551 Computer Networks - Question Bank
Hemalatha Natarajan
Pas encore d'évaluation
Section 1: Using VLSM To Create The IP Address Plan
Document5 pages
Section 1: Using VLSM To Create The IP Address Plan
Emanuel Ferreira
Pas encore d'évaluation
ZXA10 C300 V1.2.5P3 Patch Release Notes - 20151225
Document92 pages
ZXA10 C300 V1.2.5P3 Patch Release Notes - 20151225
Meriton Emërllahu
Pas encore d'évaluation
Ceragon FibeAir IP 20G User Guide 8 0 Rev A
Document703 pages
Ceragon FibeAir IP 20G User Guide 8 0 Rev A
noName314
Pas encore d'évaluation
Computer Networks Application Layer Notes
Document23 pages
Computer Networks Application Layer Notes
s indraneel
Pas encore d'évaluation
Implementing Arubaos CX Switching Rev 20 21
Document5 pages
Implementing Arubaos CX Switching Rev 20 21
Muhammed AKYUZ
Pas encore d'évaluation
Instructions - Fortigate Cli Reference Mr6
Document14 pages
Instructions - Fortigate Cli Reference Mr6
clucien
100% (5)
Experiment No: 8: Advanced System Security & Digital Forensics Lab Manual Sem 7 Dloc
Document18 pages
Experiment No: 8: Advanced System Security & Digital Forensics Lab Manual Sem 7 Dloc
RAHUL GUPTA
Pas encore d'évaluation
Pjsip Log
Document108 pages
Pjsip Log
Javier Yanquen
Pas encore d'évaluation
Sim900 Rs232 GSM Modem Opn
Document49 pages
Sim900 Rs232 GSM Modem Opn
Anonymous BkmsKXzwyK
Pas encore d'évaluation
Diameter Protocol
Document20 pages
Diameter Protocol
dhmar90
Pas encore d'évaluation