![]() ![]() Encryption details (AES, SHA and DH group) - AES256, SHA256 and DH group 14 are recommended (also must support IKEv2).Pre-shared key - you can generate it or we can provide it.In order to finalize the site-to-site setup on our end, please provide these values via Site-to-site request from in the NordLayer Control Panel: If the tunnel is up the line will appear in the table: If any additional settings appear, leave them in their default status.Īt the FortiGate Management Interface, go to VPN -> IPSec Tunnels. Outgoing Interface: Your local network object.Go to Policy & Objects -> IPv4 Policy and select Create New It is necessary to add firewall rules to allow traffic from the NordLayer subnet (10.6.0.0/20) to your local network or services you desire Set Destination to 10.6.0.0/20 and the Device: NordLayer (or any other name you chose for the tunnel) Go to Network -> Routing -> Static Routes -> Create new -> Route.It is necessary to add static routes from the NordLayer subnet (10.6.0.0/20) to the local network and from the local network to the NordLayer subnet (10.6.0.0/20) to the local network through the VPN tunnel gateway. Enable Perfect Forward Secrecy (PFS): Checked.Local Address: Your Local network Subnet.Pre-shared Key: Insert the generated Shared Key (we will also need this value on our end).IP Address: Insert the IP of your NordLayer dedicated server.In the VPN Creation Wizard window set the Name to NordLayer (or any other name you desire), the Template Type to Custom tab, and select Next.In the left panel, select VPN, then IPsec Tunnels, and select Create New Configuring the tunnel at the FortiGate Management Interface ![]() Note: If your device/service supports SHA256 and DH group 14, it is recommended to use these settings instead. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |