Fortinet 50A user manual AutoIKE IPSec VPNs, 182, AES128, AES192, AES256

6Enter the Remote Gateway.

This is the external IP address of the FortiGate unit or other IPSec gateway at the opposite end of the tunnel.

7Select an Encryption Algorithm from the list.

Use the same algorithm at both ends of the tunnel.

8Enter the Encryption Key.

Each two-character combination entered in hexadecimal format represents one byte. Depending on the encryption algorithm that you select, you might be required to enter the key in multiple segments. Use the same encryption key at both ends of the tunnel.

9Select an Authentication Algorithm from the list. Use the same algorithm at both ends of the tunnel.

10Enter the Authentication Key.

Each two-character combination entered in hexadecimal format represents one byte. Use the same authentication key at both ends of the tunnel.

MD5 Enter a 32-character (16 byte) hexadecimal number (0-9, A-F). Separate the number into two segments of 16 characters.

SHA1 Enter a 40-character (20 byte) hexadecimal number (0-9, A-F). Separate the number into two segments—the first of 16 characters; the second of 24 characters.

11Select a concentrator if you want the tunnel to be part of a hub and spoke VPN configuration. See “Adding a VPN concentrator” on page 198.

12Select OK to save the manual key VPN tunnel.

AutoIKE IPSec VPNs

FortiGate units support two methods of Automatic Internet Key Exchange (AutoIKE) for establishing IPSec VPN tunnels: AutoIKE with pre-shared keys and AutoIKE with digital certificates.

•General configuration steps for an AutoIKE VPN

•Adding a phase 1 configuration for an AutoIKE VPN

•Adding a phase 2 configuration for an AutoIKE VPN