Fortigate 30D IPSec VPN Configuration Follow


On the 30D Routers, the IPSec VPN configuration GUI has been removed.  IPSec VPN connections can still be setup via the CLI Console (CLI).



Use the attached Excel Spreadsheet to provide the configuration scripts necessary.  Here are the steps:

  1. On the Entry Tab, enter a Phase 1 Name and a Phase 2 Name
    • These names should identify the location and end in either _p1 or _p2 depending on which phase you are naming
  2. Finish the Phase 1 setting by entering:
    • Remote Gateway:  This is the Internet address of the remote router
    • Preshared Key:  Sometime just called Key.  This must match on both this router and the remote router.
  3. Finish the Phase 2 settings by entering:
    • Destination LAN:  This is the remote routers LAN side IP information.  Remember this is the IP range, not a specific IP address (eg vs
    • Destination Subnet:  Again this is the subnet for the remote router's LAN side IP information
    • Local LAN:  This is the internal LAN IP information for the router.  Again it is not a specific IP address but the IP range
    • Local Subnet:  Finish off with the internal LAN subnet for this router.
  4. Use the information created on the Phase1 and Phase2 tabs to create the IPSec VPN
    • Copy EVERYTHING below the Commands title on the Phase1 tab, and paste them into the CLI
    • Copy EVERYTHING below the Commands title on the Phase2 tab, and paste them into the CLI
    • Exit out of the CLI
  5. Finish setting up the VPN settings per standard configuration instructions.


Have more questions? Submit a request


Powered by Zendesk