Phase 1 basic settings, 247 phase 1 basic settings – Fortinet 100A User Manual

VPN

Phase 1 basic settings

FortiGate-100A Administration Guide

01-28007-0068-20041203

247

Phase 1 basic settings

Figure 121:Phase 1 basic settings

Encryption
Algorithm

The names of the encryption and authentication algorithms used by each

phase 1 configuration.

Edit, view, or delete phase 1 configurations.

Gateway Name Type a name for the remote VPN peer or client. Enter a name that reflects the

origination of the remote connection.

Remote
Gateway

Select the nature of the remote connection:
•

If a remote peer with a static IP address will be connecting to the FortiGate
unit, select Static IP Address and type the IP address of the remote VPN
end point into the IP Address field.

•

If one or more dialup clients with dynamic IP addresses will be connecting
to the FortiGate unit, select Dialup User.

•

If a remote peer that has a domain name and subscribes to a dynamic
DNS service will be connecting to the FortiGate unit, select Dynamic DNS
and type the domain name of the remote peer into the Dynamic DNS field.

IP Address

If Static IP Address is selected, type the IP address of the remote peer.

Dynamic DNS If Dynamic DNS is selected, type the domain name of the remote peer.
Mode

Select Main or Aggressive.
•

In Main mode, the phase 1 parameters are exchanged in multiple rounds
with encrypted authentication information.

•

In Aggressive mode, the phase 1 parameters are exchanged in single
message with authentication information that is not encrypted. You must
select Aggressive if the FortiGate unit participates in a dynamic DNS
configuration.

Authentication
Method

Select Preshared Key or RSA Signature.