Concentrator options, Ping generator – Fortinet 100A User Manual

VPN

Concentrator options

FortiGate-100A Administration Guide

01-28007-0068-20041203

257

Concentrator options

Figure 129:Creating a concentrator for a hub-and-spoke configuration

Ping Generator

The ping generator generates traffic in an IPSec VPN tunnel to keep the tunnel
connection open when no traffic is being generated inside the tunnel. For example,
the ping generator is useful in scenarios where a dialup client or dynamic DNS peer
connects from an IP address that changes periodically—traffic may be suspended
while the IP address changes. You may also use the ping generator to troubleshoot
network connectivity inside a VPN tunnel.

You can configure settings to generate ping commands through two tunnels
simultaneously. The ping interval is fixed at 40 seconds.

The source and destination IP addresses refer to the source and destination
addresses of IP packets that are to be transported through the VPN tunnel. When
source and destination addresses of 0.0.0.0 are entered, no ping traffic is

generated between the source and destination.

To configure the ping generator

1

Go to VPN > IPSEC > Ping Generator.

Create New

Select Create New to define a new concentrator for an IPSec hub-and-

spoke configuration.

Concentrator Name The names of existing IPSec VPN concentrators.
Members

The tunnels that are associated with the concentrator.
Edit, view, or delete concentrators.

Concentrator
Name

Type a name for the concentrator.

Available
Tunnels

A list of defined IPsec VPN tunnels. Select a tunnel from the list and then

select the right-pointing arrow. Repeat these steps until all of the tunnels

associated with the spokes are included in the concentrator.

Members

A list of tunnels that are members of the concentrator. To remove a tunnel

from the concentrator, select the tunnel and select the left-pointing arrow.