This chapter provides detailed step-by-step procedures for configuring a FortiGate unit to accept a connection from a remote peer or dialup client. The Phase 1 parameters identify the remote peer or clients and supports authentication through preshared keys or digital certificates. You can increase access security further using peer identifiers, certificate distinguished names, group names, or the FortiGate extended authentication (XAuth) option for authentication purposes.

For more information on Phase 1 parameters in the web-based manager, see “Phase 1 configuration”.

The information and procedures in this section do not apply to VPN peers that perform negotiations using manual keys. Refer to “Manual key configurations” instead.

The following topics are included in this section: