Dialup IPSec VPN to Fortigate from Ubuntu

From OISecWiki

To set up an IPsec dial-up VPN to a FortiGate from a Linux machine, install strongSwan and edit the following files:

ipsec.conf:

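conn fortigate
  # IKEv1 proposals and lifetimes; these must match the FortiGate side
  keyexchange=ikev1
  ikelifetime=1440m
  keylife=60m
  ike=aes128-sha1-modp1536
  esp=aes128-sha1-modp1536
  type=tunnel
  # Aggressive mode, acting as the XAuth client
  aggressive=yes
  xauth=client
  # Remote side: the FortiGate
  right=FORTIGATE_WAN_IP
  rightsubnet=0.0.0.0/0
  rightauth=psk
  # Local side: request a virtual IP, authenticate with the PSK, then XAuth
  left=%defaultroute
  leftsourceip=%config
  leftauth=psk
  leftauth2=xauth
  xauth_identity=FORTIGATE_USER_NAME
  # Load the connection at start without bringing it up
  auto=add
  leftupdown=/usr/lib/ipsec/updown.sh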

ipsec.secrets:

FORTIGATE_WAN_IP : PSK "FORTIGATE_PSK"
FORTIGATE_USER_NAME : XAUTH "FORTIGATE_USER_PASSWORD"

Afterwards do:

systemctl restart strongswan-starter
ipsec up fortigate