Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- conn con2
- fragmentation = yes
- keyexchange = ikev2
- reauth = yes
- forceencaps = no
- mobike = no
- rekey = yes
- installpolicy = yes
- type = tunnel
- dpdaction = clear
- dpddelay = 2s
- dpdtimeout = 4s
- auto = add
- left = 129.232.aa.bb
- right = 41.185.xx.yy
- leftid = 129.232.aa.bb
- ikelifetime = 86400s
- lifetime = 7200s
- ike = aes128-sha256-modp1024!
- esp = aes128-sha256-modp1024!
- leftauth = psk
- rightauth = psk
- rightid = 41.185.xx.yy
- rightsubnet = 192.168.99.1
- leftsubnet = 192.168.0.30
- Fortigate side
- edit ""
- set interface "port4"
- set ike-version 2
- set peertype any
- set proposal aes128-sha256
- set localid
- set dhgrp 2
- set remote-gw :"....."
- set psksecret :"....."
- next
- end
- edit ""
- set phase1name ""
- set proposal aes128-sha256
- set dhgrp 2
- set auto-negotiate enable
- set comments ""
- set src-addr-type name
- set dst-addr-type name
- set keylifeseconds 7200
- set src-name ""
- set dst-name ""
- next
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement