Fortinet Document Library

Version:

Version:

Version:


Table of Contents

New Features

Download PDF
Copy Link

Pre-defined IPsec template with recommended settings

FortiManager includes a default IPsec template called IPSec_Fortinet_Recommended. The default template contains recommended VPN tunnel settings and best practices. You can clone the template and customize settings in the clone to create new IPsec templates.

After editing the cloned template, assign the template to devices. When you install the settings to devices, phase1/phase2 interface settings are installed to devices.

To use the default IPsec template:
  1. Go to Device Manager > Provisioning Templates > IPsec Tunnel Templates.

    The templates are displayed in the content pane, including the IPsec_Fortinet_Recommended template.

  2. Clone the IPsec_Fortinet_Recommended template:
    1. Select the IPsec_Fortinet_Recommended template, and click Clone.

      The Clone IPsec Template dialog box is displayed.

    2. In the Name box, type a name for the cloned template, and click OK.

      The cloned template is displayed in the content pane.

    3. Select the cloned template, and click Edit.

      The cloned template opens for editing. The cloned template includes default tunnel settings named default.

  3. Select default, and click Edit.

    The default tunnel settings open for editing.

  4. Edit the tunnel settings, and click OK to save the changes.
  5. Assign the template to one or more devices:
    1. Click IPsec Tunnel Templates to display all templates.
    2. Select the template, and click Assign to Device.

      The Assign to Device dialog box is displayed.

    3. In the Available Entries list, select devices, and click > to move them to the Selected Entries list, and click OK.

      The template is assigned to the devices in the Selected Entries list and ready for use.

  6. Install device settings to install phase1/phase2 interface configuration to devices.

Pre-defined IPsec template with recommended settings

FortiManager includes a default IPsec template called IPSec_Fortinet_Recommended. The default template contains recommended VPN tunnel settings and best practices. You can clone the template and customize settings in the clone to create new IPsec templates.

After editing the cloned template, assign the template to devices. When you install the settings to devices, phase1/phase2 interface settings are installed to devices.

To use the default IPsec template:
  1. Go to Device Manager > Provisioning Templates > IPsec Tunnel Templates.

    The templates are displayed in the content pane, including the IPsec_Fortinet_Recommended template.

  2. Clone the IPsec_Fortinet_Recommended template:
    1. Select the IPsec_Fortinet_Recommended template, and click Clone.

      The Clone IPsec Template dialog box is displayed.

    2. In the Name box, type a name for the cloned template, and click OK.

      The cloned template is displayed in the content pane.

    3. Select the cloned template, and click Edit.

      The cloned template opens for editing. The cloned template includes default tunnel settings named default.

  3. Select default, and click Edit.

    The default tunnel settings open for editing.

  4. Edit the tunnel settings, and click OK to save the changes.
  5. Assign the template to one or more devices:
    1. Click IPsec Tunnel Templates to display all templates.
    2. Select the template, and click Assign to Device.

      The Assign to Device dialog box is displayed.

    3. In the Available Entries list, select devices, and click > to move them to the Selected Entries list, and click OK.

      The template is assigned to the devices in the Selected Entries list and ready for use.

  6. Install device settings to install phase1/phase2 interface configuration to devices.