IPSEC Fortigate 110C and Macbook Pro
A long ago I wrote a post about connecting Ubuntu to a Fortigate 110C using an IPSEC connection. After discovering the right way to do it, I happily used that method until I changed my pc.
When I bought my Macbook pro retina (late 2013) the first thing I did was downloading the client provided by Fortinet but, unfortunately, because of the way our firewall has been configured, it was useless.
Since then, I tried many different methods to connect including the built in client, but all of them failed until I discovered Ipsecuritas and here is the way I configured it:
What you need to know:
- Fortigate address
- Remote network address range and subnet mask
- Phase 1 configuration
- Phase 2 configuration
How to configure it:
- In General tab insert your firewall address
- In local endpoint mode, choose the host option from the dropdown and insert the IP you will have in the remote network
- in remote endpoint mode, choose the network option from the dropdown and insert the address range and subnet mask of the remote network
- Set the Phase 1 tab using the informations you have (e.g. exchange mode I used Main, proposal check Obey and Nonce size 16)
- Set Phase 2 tab accordingly to the informations you have (e.g. for DH group 2 in phase2 I set PFS group to 2)
- In the ID tab insert your pre-shared key
Following this guide you should be able to access your remote network through every Fortinet firewall, provided you have the necessary information about your remote firewall configuration.
And that’s all!