IPsec VPN Overview
This section provides a brief overview of IPsec technology and includes general information about how to configure IPsec VPNs using this guide.
The following topics are included in this section:
VPN configurations interact with the firewall component of the FortiGate unit. There must be a security policy in place to permit traffic to pass between the private network and the VPN tunnel.
Security policies for VPNs specify:
• The FortiGate interface that provides the physical connection to the remote VPN gateway, usually an interface connected to the Internet
• The FortiGate interface that connects to the private network
• IP addresses associated with data that has to be encrypted and decrypted
• Optionally, a schedule that restricts when the VPN can operate
• Optionally, the services (types of data) that can be sent
When the first packet of data that meets all of the conditions of the security policy arrives at the FortiGate unit, a VPN tunnel may be initiated and the encryption or decryption of data is performed automatically afterward. For more information, see
“Defining VPN security policies”.