Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vkulik
Staff
Staff

Created on ‎02-23-2010 01:44 PM

Article Id 192244

Technical Note : How to configure IPSec transport mode on a FortiGate

Description

IPSec VPN maybe implemented in tunnel mode (default mode on the FortiGate), or now also in transport mode since FortiOS 4.0MR2.

Tunnel mode is mostly used for Gateway-to-Gateway connections, as well as to connect proprietary VPN clients to VPN gateway (like FortiClient, Cisco VPN Client, CheckPoint SecureClient, etc...).

Transport mode may be used between end-stations supporting IPSec, or between an end-station and a gateway.


Scope
FortiOS 4.0MR2 and above

Solution
The configuration is available only from CLI :

config vpn ipsec phase2
     edit <PHASE2_NAME_HERE>
     set encapsulation transport-mode
end

The other settings are similar to regular tunnel mode configuration

Labels:
10353
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.