IPsec VPN Overview

Chapter 11 IPsec VPN for FortiOS 5.0 : IPsec VPN Overview

IPsec VPN Overview

This section provides a brief overview of IPsec technology and includes general information about how to configure IPsec VPNs using this guide.

The following topics are included in this section:

• Types of VPNs

• Planning your VPN

• General preparation steps

• How to use this guide to configure an IPsec VPN

VPN configurations interact with the firewall component of the FortiGate unit. There must be a security policy in place to permit traffic to pass between the private network and the VPN tunnel.

Security policies for VPNs specify:

• the FortiGate interface that provides the physical connection to the remote VPN gateway, usually an interface connected to the Internet

• the FortiGate interface that connects to the private network

• IP addresses associated with data that has to be encrypted and decrypted

• optionally, a schedule that restricts when the VPN can operate

• optionally, the services (types of data) that can be sent

When the first packet of data that meets all of the conditions of the security policy arrives at the FortiGate unit, a VPN tunnel may be initiated and the encryption or decryption of data is performed automatically afterward. For more information, see “Defining VPN security policies”.