You can provision IPsec tunnels to FortiGate branch devices using an IPsec template. You can save an IPsec VPN configuration, apply it to one or more FortiGates, or reuse the same configuration over and over again. You can specifically name IPsec tunnel interfaces using supported meta fields, and the tunnel interfaces may later on be mapped to normalized interfaces, or used in policies and also in SD-WAN widgets. See ADOM-level metadata variables.
The following example assumes that site HQ IPsec VPN has been configured and is up and running. We will establish the configurations of Branch-A and Branch-B sites to the HQ site by using an IPsec template.
This section describes the following:
- Creating new IPsec VPN templates
- Assigning IPsec VPN template to devices and device groups
- Installing IPsec VPN configuration and firewall policies to devices
- Verifying IPsec VPN tunnel status
- Verifying IPsec template configuration status
- Recommended IPsec templates
See also Un-assigning IPsec templates.
See also ADOM-level metadata variables.