Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiProxy 7.6.0 Administration Guide
    7.6.0
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.0
    7.0.19
    7.0.17
    7.0.0
    2.0.0
    1.2.0
    1.1.0
    1.0.0

    IPsec Tunnels

    IPsec Tunnels

    The data path between a userʼs computer and a private network through a VPN is referred to as a tunnel. Like a physical tunnel, the data path is accessible only at both ends. Encapsulation makes this possible. IPsec packets pass from one end of the tunnel to the other and contain data packets that are exchanged between the local user and the remote private network. Encryption of the data packets ensures that any third-party who intercepts the IPsec packets can not access the data.

    In FortiProxy, you can create a VPN tunnel between a FortiProxy unit in the branch office and a FortiProxy unit on the office private network.

    To view a list of IPsec tunnels, go to VPN > IPsec Tunnels. After you create an IPsec VPN tunnel, it appears in the VPN tunnel list.

    Hover over the leftmost edge of the column heading to display the Configure Table icon, which you can use to select the columns to display or to reset all the columns to their default settings. You can also drag column headings to change their order.

    The following options are available:

    Create New > IPsec Tunnel

    Run the IPsec Wizard and create an IPsec tunnel. See IPsec Wizard.

    Edit

    Edit an IPsec tunnel. See Edit an IPsec tunnel.

    Delete

    Delete the selected IPsec tunnel.

    Search

    Enter a search term to find in the list.

    Tunnel

    The name of the IPsec tunnel.

    Interface Binding

    Select the name of the interface through which remote peers connect to the FortiProxy unit.

    Status

    The status is Active or Inactive.

    Ref.

    Displays the number of times the object is referenced to other objects.

    To view the location of the referenced object, select the number in Ref.; the Object Usage window opens and displays the various locations of the referenced object.

    Aggregate Weight

    The aggregate weight.

    Comments

    An optional description of the IPsec tunnel.

    IKE Version

    The default IKE version is 1.

    Mode

    The mode is Aggressive or Main (ID Protection):

    • Main (ID Protection)—The Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information.

    • Aggressive—The Phase 1 parameters are exchanged in single message with authentication information that is not encrypted.

    Phase 2 Selectors

    The name of phase 2.
    Previous
    Next

    IPsec Tunnels

    IPsec Tunnels

    The data path between a userʼs computer and a private network through a VPN is referred to as a tunnel. Like a physical tunnel, the data path is accessible only at both ends. Encapsulation makes this possible. IPsec packets pass from one end of the tunnel to the other and contain data packets that are exchanged between the local user and the remote private network. Encryption of the data packets ensures that any third-party who intercepts the IPsec packets can not access the data.

    In FortiProxy, you can create a VPN tunnel between a FortiProxy unit in the branch office and a FortiProxy unit on the office private network.

    To view a list of IPsec tunnels, go to VPN > IPsec Tunnels. After you create an IPsec VPN tunnel, it appears in the VPN tunnel list.

    Hover over the leftmost edge of the column heading to display the Configure Table icon, which you can use to select the columns to display or to reset all the columns to their default settings. You can also drag column headings to change their order.

    The following options are available:

    Create New > IPsec Tunnel

    Run the IPsec Wizard and create an IPsec tunnel. See IPsec Wizard.

    Edit

    Edit an IPsec tunnel. See Edit an IPsec tunnel.

    Delete

    Delete the selected IPsec tunnel.

    Search

    Enter a search term to find in the list.

    Tunnel

    The name of the IPsec tunnel.

    Interface Binding

    Select the name of the interface through which remote peers connect to the FortiProxy unit.

    Status

    The status is Active or Inactive.

    Ref.

    Displays the number of times the object is referenced to other objects.

    To view the location of the referenced object, select the number in Ref.; the Object Usage window opens and displays the various locations of the referenced object.

    Aggregate Weight

    The aggregate weight.

    Comments

    An optional description of the IPsec tunnel.

    IKE Version

    The default IKE version is 1.

    Mode

    The mode is Aggressive or Main (ID Protection):

    • Main (ID Protection)—The Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information.

    • Aggressive—The Phase 1 parameters are exchanged in single message with authentication information that is not encrypted.

    Phase 2 Selectors

    The name of phase 2.
    Previous
    Next