VPN creation in Firewall appliance in NeevCloud

Step 1: Set Up a VPN User

  1. Log in to FortiGate GUI: Open a web browser and navigate to the IP address of your FortiGate device. Enter your credentials to log in.

  2. Create a User:

  • Go to User & Device > User Definition.

  • Click Create New.

  • Enter a Username and Password for the new user.

  • Click OK.

Step 2: Configure VPN Settings

  1. IPsec VPN Wizard:

  • Go to VPN > IPsec Wizard.

  • Click Create New.

  2. VPN Setup:

  • VPN Setup selection: Choose Remote Access.

  • Template Type: Select FortiClient VPN (iOS/Android) or Custom, depending on your client device.

  • Name: Enter a name for your VPN (e.g., RemoteVPN).

  • Remote Device: FortiClient VPN.

  3. Authentication Method:

  • Incoming: Select the interface connected to the internet (e.g., wan1).

  • Authentication Method: Choose Pre-Shared Key.

  • Pre-Shared Key: Enter a pre-shared key (password) for the VPN connection.

  4. User Group: Under User Group, select the user group that includes the user created earlier.

  5. Network Settings:

  • Local Interface: Select the local interface (e.g., LAN).

  • Local Address: Select the local network (e.g., Subnet).

  • Client Address Range: Enter an IP address range that will be assigned to remote VPN clients.

  6. Phase 1 & Phase 2 Settings: Configure the encryption and authentication settings for both Phase 1 and Phase 2. The default settings are usually sufficient, but you can customize them based on your security requirements.

  7. Security Policy: Ensure the policy for the VPN traffic is automatically created. If not, you will need to create it manually.

  8. Review & Create: Review all the settings and click Create.

Step 3: Create Firewall Policy

  1. Policy & Objects:

  • Go to Policy & Objects > IPv4 Policy.

  • Click Create New.

  2. Firewall Policy:

  • Name: Enter a name for the policy (e.g., RemoteVPN_Policy).

  • Incoming Interface: Select the VPN interface (e.g., ssl.root).

  • Outgoing Interface: Select the LAN interface (e.g., internal).

  • Source: Select the VPN user group or IP range.

  • Destination: Select the internal network or specific resources.

  • Service: Select ALL or specify the required services.

  • Action: Set to Accept.

  • Enable NAT: If required.

  3. Logging Options: Enable logging for traffic if needed.

  4. Save Policy: Click OK to save the policy.
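
The client address range and pre-shared key from Step 2 and the service and logging choices from Step 3 can be sanity-checked before they are entered in the GUI. The script below is an added example, not NeevCloud or Fortinet code; the plan dictionary layout, the thresholds and the sample values are assumptions made for illustration.

```python
import ipaddress
import math
from collections import Counter

MIN_PSK_LEN = 20    # assumed threshold, tune to local policy
MIN_PSK_BITS = 64   # assumed threshold, tune to local policy

def psk_bits(psk):
    """Shannon estimate over the key's own characters; screens out repetitive keys."""
    n = len(psk)
    return -sum(c * math.log2(c / n) for c in Counter(psk).values())

def review_plan(plan):
    """Return findings for a planned remote-access VPN (hypothetical dict layout)."""
    findings = []
    local = ipaddress.ip_network(plan["local_subnet"])
    first, last = (ipaddress.ip_address(a) for a in plan["client_range"])
    # A start-end range is not a CIDR block, so expand it before comparing.
    blocks = ipaddress.summarize_address_range(first, last)
    if any(block.overlaps(local) for block in blocks):
        findings.append("client address range overlaps the local subnet")
    psk = plan["psk"]
    if len(psk) < MIN_PSK_LEN or psk_bits(psk) < MIN_PSK_BITS:
        findings.append("pre-shared key is too short or repetitive")
    if any(s.upper() == "ALL" for s in plan["services"]):
        findings.append("policy service is ALL; list only the required services")
    if not plan["log_traffic"]:
        findings.append("traffic logging is disabled on the VPN policy")
    return findings

# Constructed sample plans, not taken from any real appliance.
WEAK_PLAN = {
    "local_subnet": "192.168.1.0/24",
    "client_range": ("192.168.1.200", "192.168.1.220"),
    "psk": "RemoteVPN1",
    "services": ["ALL"],
    "log_traffic": False,
}
HARDENED_PLAN = {
    "local_subnet": "192.168.1.0/24",
    "client_range": ("10.212.134.200", "10.212.134.210"),
    "psk": "q7V!x2Lm#9Rt$4Zp&8Wc^1Nd*6Hs@3Kb",
    "services": ["RDP", "SSH"],
    "log_traffic": True,
}

if __name__ == "__main__":
    for name, plan in (("weak", WEAK_PLAN), ("hardened", HARDENED_PLAN)):
        print(name, review_plan(plan) or "no findings")
```
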

Step 4: Test the VPN Connection

  1. Download FortiClient:

  • Download and install the FortiClient VPN application on the remote device (PC, smartphone, etc.).

  2. Configure FortiClient:

  • Open FortiClient and go to the Remote Access section.

  • Click Configure VPN.

  • Enter the VPN Name, Remote Gateway (public IP of FortiGate), and Pre-Shared Key.

  • Enter the username and password for the VPN user.

  3. Connect: Click Connect to establish the VPN connection.
