**************************Fortigate-3600 2.80,build489,051027*****************************
config vpn ipsec phase1
edit "Kaohs"
set dpd enable
set nattraversal enable
set proposal des-sha1
set keylife 28800
set remotegw 219.81.1.1
set psksecret 123456
next
end
config vpn ipsec phase2
edit "Link_To_Kaohs"
set keepalive enable
set pfs enable
set phase1name "Kaohs"
set proposal des-sha1
set replay enable
next
end
config firewall policy
edit 170
set srcintf "WWW"
set dstintf "TFN_Ext"
set srcaddr "WWW_All"
set dstaddr "Kaohs_VPN_All"
set action encrypt
set schedule "always"
set service "any"
set inbound enable
set outbound enable
set vpntunnel "Link_To_Kaohs"
next
***************************Fortigate-60B 3.00-b0750(MR7 Patch 7)****************************
config vpn ipsec phase1
edit "To_IDC"
set interface "external"
set dpd enable
set nattraversal enable
set proposal des-sha1
set keylife 28800
set remote-gw 61.31.1.1
set psksecret 123456
next
end
config vpn ipsec phase2
edit "Link_To_IDC"
set dst-addr-type name
set keepalive enable
set pfs enable
set phase1name "To_IDC"
set proposal des-sha1
set replay enable
set src-addr-type name
set dst-name "VPN_All_Group"
set src-name "Kaohs_VPN_All"
next
end
config firewall policy
edit 1
set srcintf "internal"
set dstintf "external"
set srcaddr "Kaohs_VPN_All"
set dstaddr "VPN_All_Group"
set action ipsec
set schedule "always"
set service "ANY"
set inbound enable
set outbound enable
set vpntunnel "To_IDC"
next
config vpn ipsec phase1
edit "Kaohs"
set dpd enable
set nattraversal enable
set proposal des-sha1
set keylife 28800
set remotegw 219.81.1.1
set psksecret 123456
next
end
config vpn ipsec phase2
edit "Link_To_Kaohs"
set keepalive enable
set pfs enable
set phase1name "Kaohs"
set proposal des-sha1
set replay enable
next
end
config firewall policy
edit 170
set srcintf "WWW"
set dstintf "TFN_Ext"
set srcaddr "WWW_All"
set dstaddr "Kaohs_VPN_All"
set action encrypt
set schedule "always"
set service "any"
set inbound enable
set outbound enable
set vpntunnel "Link_To_Kaohs"
next
***************************Fortigate-60B 3.00-b0750(MR7 Patch 7)****************************
config vpn ipsec phase1
edit "To_IDC"
set interface "external"
set dpd enable
set nattraversal enable
set proposal des-sha1
set keylife 28800
set remote-gw 61.31.1.1
set psksecret 123456
next
end
config vpn ipsec phase2
edit "Link_To_IDC"
set dst-addr-type name
set keepalive enable
set pfs enable
set phase1name "To_IDC"
set proposal des-sha1
set replay enable
set src-addr-type name
set dst-name "VPN_All_Group"
set src-name "Kaohs_VPN_All"
next
end
config firewall policy
edit 1
set srcintf "internal"
set dstintf "external"
set srcaddr "Kaohs_VPN_All"
set dstaddr "VPN_All_Group"
set action ipsec
set schedule "always"
set service "ANY"
set inbound enable
set outbound enable
set vpntunnel "To_IDC"
next
全站熱搜
留言列表
