Scribd
Upload
32 views2 pages

Fortimanager Ipsec Cli Script

Uploaded by

Ismail Kurnaz
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
32 views2 pages

Fortimanager Ipsec Cli Script

Uploaded by

Ismail Kurnaz
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

config vpn ipsec phase1-interface

edit "IPSec_HQ_SOL"
set interface "wan1"
set mode aggressive
set peertype any
set net-device enable
set proposal aes256-sha256
set keylife 28800
set dhgrp 5 14
set remote-gw 185.165.20.103
set psksecret 1q2w3e4r5T!
next
edit "IPSec_HQ_SOL2"
set interface "wan2"
set mode aggressive
set peertype any
set net-device enable
set proposal aes256-sha256
set keylife 28800
set dhgrp 5 14
set remote-gw 185.165.20.103
set psksecret 1q2w3e4r5T!
next
edit "IPSec_DRC_SOL"
set interface "wan1"
set mode aggressive
set peertype any
set net-device enable
set proposal aes256-sha256
set keylife 28800
set dhgrp 5 14
set remote-gw 176.88.67.185
set psksecret 1q2w3e4r5T!
next
edit "IPSec_DRC_SOL2"
set interface "wan2"
set mode aggressive
set peertype any
set net-device enable
set proposal aes256-sha256
set keylife 28800
set dhgrp 5 14
set remote-gw 176.88.67.185
set psksecret 1q2w3e4r5T!
next
end

config vpn ipsec phase2-interface


edit "IPSec_P2_HQ_SOL"
set phase1name "IPSec_HQ_SOL"
set proposal aes256-sha256
set pfs disable
set auto-negotiate enable
set keylifeseconds 3600
set src-subnet $(Local_Network) 255.255.255.0
next
edit "IPSec_P2_HQ_SOL_1"
set phase1name "IPSec_HQ_SOL"
set proposal aes256-sha256
set pfs disable
set auto-negotiate enable
set keylifeseconds 3600
set src-subnet $(HQ_SOL_Local0) 255.255.252.0
next
edit "IPSec_P2_HQ_SOL2"
set phase1name "IPSec_HQ_SOL2"
set proposal aes256-sha256
set pfs disable
set auto-negotiate enable
set keylifeseconds 3600
set src-subnet $(Local_Network) 255.255.255.0
next
edit "IPSec_P2_HQ_SOL2_1"
set phase1name "IPSec_HQ_SOL2"
set proposal aes256-sha256
set pfs disable
set auto-negotiate enable
set keylifeseconds 3600
set src-subnet $(HQ_SOL2_Local0) 255.255.252.0
next
edit "IPSec_P2_DRC_SOL"
set phase1name "IPSec_DRC_SOL"
set proposal aes256-sha256
set pfs disable
set auto-negotiate enable
set keylifeseconds 3600
set src-subnet $(Local_Network) 255.255.255.0
next
edit "IPSec_P2_DRC_SOL_1"
set phase1name "IPSec_DRC_SOL"
set proposal aes256-sha256
set pfs disable
set auto-negotiate enable
set keylifeseconds 3600
set src-subnet $(DRC_SOL_Local0) 255.255.252.0
next
edit "IPSec_P2_DRC_SOL2"
set phase1name "IPSec_DRC_SOL2"
set proposal aes256-sha256
set pfs disable
set auto-negotiate enable
set keylifeseconds 3600
set src-subnet $(Local_Network) 255.255.255.0
next
edit "IPSec_P2_DRC_SOL2_1"
set phase1name "IPSec_DRC_SOL2"
set proposal aes256-sha256
set pfs disable
set auto-negotiate enable
set keylifeseconds 3600
set src-subnet $(DRC_SOL2_Local0) 255.255.252.0
next
end

You might also like