Fortinet fortigate-100a Betriebsanweisung
VPN
Concentrator list
FortiGate-100A Administration Guide
01-28006-0068-20041105
255
Concentrator
Configure IPSec VPN concentrators to create hub and spoke configurations. IPSec
VPN concentrators are only available in NAT/Route mode.
VPN concentrators are only available in NAT/Route mode.
To configure a concentrator
1
Go to VPN > IPSEC > Concentrator and add a concentrator.
2
Add the required Phase 2 configurations to the concentrator.
Concentrator list
Figure 128:IPSec VPN concentrator list
Encryption Key Enter the Encryption Key.
Each two character combination entered in hexadecimal format represents
one byte. Depending on the encryption algorithm you have selected, you may
be required to enter the key in multiple segments. Use the same encryption
key at both ends of the tunnel.
•
•
For DES, enter a 16 character (8 byte) hexadecimal number (0-9, A-F).
•
For 3DEs, enter a 48 character (24 byte) hexadecimal number (0-9, A-F).
Separate the number into three segments of 16 characters.
Separate the number into three segments of 16 characters.
•
For AES128, enter a 32 character (16 byte) hexadecimal number
(0-9, A-F). Separate the number into two segments of 16 characters.
(0-9, A-F). Separate the number into two segments of 16 characters.
•
For AES192, enter a 48 character (24 byte) hexadecimal number
(0-9, A-F). Separate the number into three segments of 16 characters.
(0-9, A-F). Separate the number into three segments of 16 characters.
•
For AES256, enter a 64 character (32 byte) hexadecimal number
(0-9, A-F). Separate the number into four segments of 16 characters.
(0-9, A-F). Separate the number into four segments of 16 characters.
Authentication
Algorithm
Algorithm
Select an Authentication Algorithm from the list.
Use the same algorithm at both ends of the tunnel.
Use the same algorithm at both ends of the tunnel.
Authentication
Key
Key
Enter the Authentication Key. Each two character combination entered in
hexadecimal format represents one byte. Use the same authentication key at
both ends of the tunnel.
•
•
For MD5, enter a 32 character (16 byte) hexadecimal number (0-9, A-F).
Separate the number into two segments of 16 characters.
Separate the number into two segments of 16 characters.
•
For SHA1, enter a 40 character (20 byte) hexadecimal number (0-9, A-F).
Separate the number into two segments, the first of 16 characters and the
second of 24 characters.
Separate the number into two segments, the first of 16 characters and the
second of 24 characters.
Concentrator
Select a concentrator if you want the tunnel to be part of a hub and spoke
VPN configuration. See
. Available in
NAT/Route mode only.
Create New
Select Create New to add an IPSec VPN concentrator.
Concentrator Name The names of the IPSec VPN concentrators that have been added.