Creating a policy-based IPsec VPN security policy

Chapter 1 What’s New for FortiOS 5.0 : Firewall : Choosing the policy type : Creating a policy-based IPsec VPN security policy

Select the VPN policy type and the IPsec subtype. Select the local and outgoing VPN interfaces, local protected subnet and remote protected subnet addresses, the schedule, services, and the action.

You have two options to configure the VPN Tunnel used by the policy.

• You can use a tunnel that has already been added. Select Use Existing and select the tunnel to use.

• You can add a new tunnel. Select Create New and select either Site to Site or Dialup. Add a Name for the tunnel, the IP address of the remote FortiGate unit (not required for Dialup) and the Preshared Key to be used by the tunnel.

You can also apply Security Profiles and Client Reputation to IPsec VPN traffic.

Figure 68: Creating a policy-based IPsec VPN policy