Using IPsec Fortinet recommended template
FortiManager includes a default, read-only IPsec template named IPsec_Fortinet_Recommended that includes recommended VPN tunnel and best practices.
You can clone the default template, tweak the settings, and assign the template to one or more devices.
When you install device settings to assigned devices, phase1/phase2 interface configurations from the template are installed.
To use the IPsec Fortinet recommended template:
- Go to Device Manager > Provisioning Templates > IPsec Tunnel Templates.
- Clone the IPsec_Fortinet_Recommended template:
- Select the IPSec_Fortinet_Recommended template, and click Activate in the toolbar.
The Activate IPSec_Fortinet_Recommended dialog is displayed.
- In the Template Name box, type a name for the new template.
- Enter default values for Outgoing Interface, Remote Gateway, and Pre-shared Key, then click OK.
The new activated template is displayed in the content pane.
- Select the IPSec_Fortinet_Recommended template, and click Activate in the toolbar.
- Edit the new template:
- Double-click the template to open it for editing, or select the template, and click Edit in the toolbar.
The template opens for editing. The template includes default tunnel settings named default.
- Select default, and click Edit.
The default tunnel settings open for editing.
- Edit the settings, and click OK to save the changes.
- Double-click the template to open it for editing, or select the template, and click Edit in the toolbar.
- Assign the template to one or more devices or device groups. See Assigning IPsec VPN template to devices and device groups.