lifeboy

pfSense / Fortigate

Jul 9th, 2018
  # Appears to be the strongSwan ipsec.conf connection for the pfSense side: an IKEv2
  # tunnel between the two public addresses below (partly masked by the author), with
  # pre-shared-key authentication in both directions.
  1. conn con2
  2.     fragmentation = yes
  3.     keyexchange = ikev2
  4.     reauth = yes
  5.     forceencaps = no
  6.     mobike = no
  7.    
  8.     rekey = yes
  9.     installpolicy = yes
  10.     type = tunnel
          # NOTE(review): with keyexchange = ikev2, strongSwan documents dpdtimeout as
          # IKEv1-only; liveness here is driven by dpddelay plus the IKEv2 retransmission
          # settings. Confirm the 2s/4s values have the intended effect on a lossy link.
  11.     dpdaction = clear
  12.     dpddelay = 2s
  13.     dpdtimeout = 4s
          # auto = add only loads the connection; this side waits for the peer to initiate.
          # Combined with dpdaction = clear, a dead peer's SA is dropped and not re-initiated
          # from here, so recovery depends on the Fortigate side renegotiating.
  14.     auto = add
  15.     left = 129.232.aa.bb
  16.     right = 41.185.xx.yy
  17.     leftid = 129.232.aa.bb
  18.     ikelifetime = 86400s
  19.     lifetime = 7200s
          # NOTE(review): modp1024 is Diffie-Hellman group 2 (1024-bit), below the 2048-bit
          # minimum (modp2048 / group 14 or stronger) in current guidance. The trailing '!'
          # makes each proposal strict, so nothing stronger can be negotiated. Raising the
          # group here requires the matching dhgrp change in both Fortigate phases.
  20.     ike = aes128-sha256-modp1024!
  21.     esp = aes128-sha256-modp1024!
          # PSK in both directions: peer authentication rests entirely on the secret, which
          # is stored outside this section and not shown. Use a long random value and keep
          # it out of shared pastes.
  22.     leftauth = psk
  23.     rightauth = psk
  24.     rightid = 41.185.xx.yy
          # No prefix length on either selector; presumably each is treated as a single
          # host (/32). Confirm this matches the address objects used in Fortigate phase 2.
  25.     rightsubnet = 192.168.99.1
  26.     leftsubnet = 192.168.0.30
  27.  
  28.  
  29. Fortigate side
  30.  
  # FortiOS CLI fragment for the peer. The enclosing "config vpn ipsec phase1-interface"
  # and "config vpn ipsec phase2-interface" lines are not in the paste (presumed from the
  # settings used), and the entry names and several values were blanked by the author.
  31. edit ""
  32.         set interface "port4"
  33.         set ike-version 2
              # NOTE(review): peertype any accepts whatever IKE identity the peer presents,
              # so only remote-gw and the PSK bind the peer. Consider "set peertype one" with
              # a peerid equal to the strongSwan leftid; TODO confirm for this FortiOS version.
  34.         set peertype any
  35.         set proposal aes128-sha256
              # localid has no value here (blanked or unset). The strongSwan side expects
              # rightid = 41.185.xx.yy, so the identity this unit sends must match that.
  36.         set localid
              # NOTE(review): dhgrp 2 is the 1024-bit MODP group, matching modp1024 on the
              # strongSwan side. It is below the 2048-bit minimum in current guidance; move
              # both peers to group 14 or stronger together.
  37.         set dhgrp 2
              # remote-gw and psksecret are redacted in the paste. The real secret should
              # be long and random, and should stay out of anything shared publicly.
  38.         set remote-gw :"....."
  39.         set psksecret :"....."
  40.     next
  41. end
  42.  
      # Presumably the phase 2 entry, bound to the phase 1 above through phase1name.
  43.     edit ""
  44.         set phase1name ""
  45.         set proposal aes128-sha256
              # dhgrp in phase 2 enables PFS with the same 1024-bit group; see the phase 1 note.
  46.         set dhgrp 2
  47.         set auto-negotiate enable
  48.         set comments ""
              # Selectors are named address objects (left blank in the paste). They need to
              # cover exactly the leftsubnet/rightsubnet hosts configured on the strongSwan side.
  49.         set src-addr-type name
  50.         set dst-addr-type name
              # 7200 matches "lifetime = 7200s" on the strongSwan side.
  51.         set keylifeseconds 7200
  52.         set src-name ""
  53.         set dst-name ""
  54.     next
  55. end