282
01-28008-0013-20050204
Fortinet Inc.
CLI configuration
VPN
For more information, see
“Configuring IPSec virtual IP addresses” on page 283
.
Command syntax pattern
config vpn ipsec vip
edit <vip_integer>
set <keyword> <variable>
end
config vpn ipsec vip
edit <vip_integer>
unset <keyword>
end
config vpn ipsec vip
delete <vip_integer>
end
get vpn ipsec vip [<vip_integer>]
show vpn ipsec vip [<vip_integer>]
Example
The following commands add IPSec VIP entries for two remote hosts that can be
accessed by a FortiGate unit through an IPSec VPN tunnel on the
external
interface of the FortiGate unit. Similar commands must be entered on the FortiGate
unit at the other end of the IPSec VPN tunnel.
config vpn ipsec vip
edit 1
set ip 192.168.12.1
set out-interface external
next
edit 2
set ip 192.168.12.2
set out-interface external
end
Note:
The interface to the destination network must be associated with a VPN tunnel through a
firewall encryption policy (
action
must be set to
encrypt
). The policy determines which VPN
tunnel will be selected to forward traffic to the destination. When you create IPSec VIP entries,
check the encryption policy on the FortiGate interface to the destination network to ensure that
it meets your requirements.
ipsec vip command keywords and variables
Keywords and variables
Description
Default
Availability
ip <address_ipv4>
The IP address of the destination
host on the destination network.
0.0.0.0
All models.
out-interface
<interface-name_str>
The name of the FortiGate interface
to the destination network.
null
All models.
Summary of Contents for FortiGate FortiGate-5020
Page 86: ...86 01 28008 0013 20050204 Fortinet Inc Dynamic IP System DHCP ...
Page 118: ...118 01 28008 0013 20050204 Fortinet Inc FortiManager System Config ...
Page 254: ...254 01 28008 0013 20050204 Fortinet Inc CLI configuration User ...
Page 318: ...318 01 28008 0013 20050204 Fortinet Inc CLI configuration Antivirus ...
Page 350: ...350 01 28008 0013 20050204 Fortinet Inc Using Perl regular expressions Spam filter ...
Page 370: ...370 01 28008 0013 20050204 Fortinet Inc CLI configuration Log Report ...
Page 382: ...382 01 28008 0013 20050204 Fortinet Inc Glossary ...
Page 402: ...402 01 28008 0013 20050204 Fortinet Inc Index ...