config vpn ipsec phase1-interface
edit "playbook_ph1"
set type dynamic
set interface "wan1"
set dhgrp 2
set proposal 3des-sha1 3des-md5
set xauthtype auto
set mode aggressive
set mode-cfg enable
set authusrgrp "blackberry" <<===== authorization against user group "blackberry"
set ipv4-start-ip 10.20.30.11
set ipv4-end-ip 10.20.30.20
set ipv4-netmask 255.255.255.0
set ipv4-dns-server1 192.168.20.1
set psksecret ENC zXHkFV/F2yFF86GRmzzGHGuH1SRkxanMYtiDpQ
next
end
config vpn ipsec phase2-interface
edit "playbook_ph2"
set keepalive enable
set phase1name "playbook_ph1"
set proposal 3des-sha1 3des-md5
set replay disable
set dhgrp 2
next
end
------
config user local
edit "jun"
set type password
set passwd ENC iDr2InCZtIAGPW2E8E6HigA
next
end
------
config user group
edit "blackberry"
set member "jun"
next
end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.