Chapter 10 IPsec VPN : Dynamic DNS configuration : Configure the fixed-address VPN peer : Configuring branch_1 VPN tunnel settings
  
Configuring branch_1 VPN tunnel settings
Define the Phase 1 parameters needed to establish a secure connection with the remote peer. For more information, see “Phase 1 parameters”.
To configure branch_1 Phase 1 VPN settings
1. Go to VPN > IPsec > Tunnels and create the new custom tunnel or edit an existing tunnel.
2. Edit the Phase 1 Proposal (if it is not available, you may need to click the Convert to Custom Tunnel button).
3. Enter the following information and select OK.
Name
Enter branch_1. A name to identify the VPN tunnel. This name appears in Phase 2 configurations, security policies and the VPN monitor.
Remote Gateway
Select Dynamic DNS. The remote peer this FortiGate is connecting to has a dynamic IP address.
Dynamic DNS
Type the fully qualified domain name of the remote peer (for example, example.com).
Interface
Select wan1. The public facing interface on the fixed-address FortiGate unit.
Mode
Select Aggressive.
Peer Options
Select This peer ID, and enter example.com. This option only appears when the mode is set to Aggressive. The identifier of the FortiGate unit with the dynamic address.
4. Define the Phase 2 parameters needed to create a VPN tunnel with the remote peer. See “Phase 2 parameters”. Enter these settings in particular:
Name
Enter branch_1_p2. A name to identify this Phase 2 configuration.
Phase 1
Select branch_1.
The name of the Phase 1 configuration that you defined for the remote peer. You can select the name of the remote gateway from the Dynamic DNS part of the list.