64
edits
Changes
IPsec site to site configuration between Teltonika and Fortinet devices (view source)
Revision as of 15:05, 20 June 2024
, Thursday at 15:05no edit summary
[[File:TopologijaIPsecPublicRutSingleLAN.png|border|class=tlt-border|center]]
[[File:TopologijaIPsecPublicRutSingleLAN.png|border|class=tlt-border|center]]
==Site to site configuration==
==Site to site configuration RUT public IP==
This section provides a guide on how to configure a successful site to site IPsec vpn connection between '''RUT''' and '''Fortinet''' devices.
This section provides a guide on how to configure a successful site to site IPsec vpn connection between '''RUT''' and '''Fortinet''' devices.
===Fortinet configuration===
===Fortinet configuration===
[[File:Fortinet_static_route_general.png|border|class=tlt-border|center]]
[[File:Fortinet_static_route_general.png|border|class=tlt-border|center]]
----
----
==Site to site configuration Fortinet public IP==
This section provides a guide on how to configure a successful site to site IPsec vpn connection between '''RUT''' and '''Fortinet''' when '''Fortinet''' has a public IP and RUT is behind NAT. This setup will be similiar to Site to site configuration RUT public IP, we will need only to change network section on Fortinet and on RUT we will need to add Remote endpoint.
===Fortinet configuration===
As for the configuration of IPsec tunnel, everything is the same, only the Network and authentication sections needs to be changed, so for other sections refer to the guide site to site.
Start by configuring the '''Fortinet''' device. Login to the WebUI, navigate to '''1. VPN → 2. IPsec Tunnels → 3. Create new → 4. IPsec Tunnel → 5. Your desired name → 6. Template type: Custom → 7. Click on the button next'''.
----
<table class="nd-othertables_2">
<tr>
<th width=800; style="border-bottom: 1px solid white;" rowspan=2>[[File:Fortinet_Firewall_create_new.png|border|class=tlt-border|497x209px|left]]</th>
</tr>
<tr>
<th width=800; style="border-bottom: 1px solid white;" rowspan=1>[[File:Fortinet_Firewall_type_next_v2.png|border|class=tlt-border|437x209px|right]]</th>
</tr>
</table>
'''Note:''' ''Not specified fields can be left as is or changed according to your needs.''
====Network configuration====
----
Make the following changes:
# Remote Gateway – '''''Dialup User;'''''
# Interface – '''''wan1;'''''
[[File:Fortinet_IPsec_network_public_rut_private.png|border|class=tlt-border|center]]
====Authentication configuration====
----
Make the following changes:
# Method – '''''Pre-shared Key;'''''
# Pre-shared Key – '''''your desired password;'''''
# Version – '''''2;'''''
# Accept Types - '''''Any peer ID;'''''
[[File:Fortinet_IPsec_authentication_public_rut_private.png|border|class=tlt-border|center]]
----
===RUT configuration===
Start by configuring the '''RUT''' device. Login to the WebUI, navigate to '''Services → VPN → IPsec and add a new IPsec instance.''' Configure everything as follows. For other sections refer to the '''"Site to site configuration RUT public IP"'''
'''Note:''' ''Not specified fields can be left as is or changed according to your needs.''
====Instance configuration====
----
Make the following changes:
# '''''Enable''''' instance;
# Remote endpoint - '''''Public IP of Fortinet device'''''
# Authentication method - '''''Pre-shared key;'''''
# Pre-shared key - the '''''same password''''' you have '''''set on Fortinet''''' when configuring the '''''Fortinet IPsec instance;'''''
# Local identifier – '''''RUT LAN IP;'''''
# Remote identifier – '''''%any;'''''
[[File:Rut_IPsec_configuration_instance_site_to_site_private_ip.png|border|class=tlt-border|center]]
==Testing the configuration==
==Testing the configuration==
----
----