https://wiki.silbonetworks.com/index.php?action=history&feed=atom&title=IPsec_VPN_between_SILBO_and_Fortigate_firewallIPsec VPN between SILBO and Fortigate firewall - Revision history2026-04-04T00:34:09ZRevision history for this page on the wikiMediaWiki 1.41.1https://wiki.silbonetworks.com/index.php?title=IPsec_VPN_between_SILBO_and_Fortigate_firewall&diff=323&oldid=prevWikisysop: Created page with "'''Prerequisite:''' * FortiGate firewall * SILBO Router or gateway * Static Public IP on wired internet connection * SIM card with active internet Note: This document is prepared using FortiGate FW v7.0.13 & SILBO 1.16_1.13 FW version. FortiGate VPN setup Create a new IPSec tunnel via VPN -> IPSec Tunnels -> (+) Create New 624x624px IPsec Wizard will open, then follow below steps: * Give a name to IPsec VPN to Identif..."2024-07-31T07:07:44Z<p>Created page with "'''Prerequisite:''' * FortiGate firewall * SILBO Router or gateway * Static Public IP on wired internet connection * SIM card with active internet Note: This document is prepared using FortiGate FW v7.0.13 & SILBO 1.16_1.13 FW version. FortiGate VPN setup Create a new IPSec tunnel via VPN -> IPSec Tunnels -> (+) Create New <a href="/index.php/File:FortiGate_VPN_Setup.png" title="File:FortiGate VPN Setup.png">frameless|624x624px</a> IPsec Wizard will open, then follow below steps: * Give a name to IPsec VPN to Identif..."</p>
<p><b>New page</b></p><div>'''Prerequisite:'''<br />
<br />
* FortiGate firewall<br />
* SILBO Router or gateway<br />
* Static Public IP on wired internet connection<br />
* SIM card with active internet <br />
<br />
Note: This document is prepared using FortiGate FW v7.0.13 & SILBO 1.16_1.13 FW version.<br />
<br />
FortiGate VPN setup<br />
<br />
Create a new IPSec tunnel via VPN -> IPSec Tunnels -> (+) Create New<br />
<br />
[[File:FortiGate VPN Setup.png|frameless|624x624px]]<br />
<br />
<br />
IPsec Wizard will open, then follow below steps:<br />
<br />
* Give a name to IPsec VPN to Identify<br />
* Select “Site to Site” and select remote device as “Cisco”<br />
<br />
* Select “No NAT between sites” Option<br />
<br />
[[File:FortiGate VPN setup Wizard.png|frameless|624x624px]]<br />
<br />
* WAN IP address of a SILBO Router/gateway (As we do not have fix WAN IP, we provided a LAN IP and that will be removed later during ????????)<br />
* Select Outgoing Interface to the one that FortiGate will be using to communicate with Remote Device that is WAN interface.<br />
* Choose a pre-shared key and make sure you will configure in SILBO device and click next. <br />
<br />
[[File:FortiGate VPN setup Wizard 1.png|frameless|624x624px]]<br />
<br />
* Select Internal (FortiGate’s LAN) interface that you wish to use in IPsec.<br />
* Local Subnets field will populate automatically.<br />
* Put SILBO LAN subnet in Remote Subnets field and click on next.<br />
<br />
[[File:FortiGate VPN setup Wizard 2.png|frameless|624x624px]]<br />
<br />
<br />
Verify all the configurations as shown <br />
<br />
[[File:FortiGate VPN setup Wizard 3.png|frameless|624x624px]]<br />
<br />
<br />
In case you wish to add more tunnels you can do.<br />
<br />
[[File:FortiGate VPN setup Wizard 4.png|frameless|624x624px]]<br />
<br />
<br />
Once configuration is saved it should show as below.<br />
<br />
[[File:FortiGate VPN setup Wizard Final.png|frameless|624x624px]]<br />
<br />
<br />
Now convert the tunnel to custom as shown below.<br />
<br />
[[File:Converting tunnel to custom.png|frameless|624x624px]]<br />
<br />
Once saved it should move to custom VPN as shown below.<br />
<br />
[[File:Fortigate Firewall Custom VPN.png|frameless|624x624px]]<br />
<br />
Start editing configuration further as shown in below images.<br />
<br />
[[File:Fortigate Firewall Configuration further.png|frameless|624x624px]]<br />
<br />
<br />
[[File:Fortigate Firewall VPN Configuration.png|frameless|624x624px]]<br />
<br />
<br />
[[File:Fortigate Firewall VPN Configuration 1.png|frameless|624x624px]]<br />
<br />
<br />
[[File:Fortigate Firewall VPN Configuration 2.png|frameless|596x596px]]<br />
<br />
<br />
'''Configuring SILBO Router/gateway:'''<br />
<br />
'''Login to router using default IP 192.168.10.1 and default credentials admin/admin.'''<br />
<br />
[[File:Log In.png|frameless|624x624px]]<br />
<br />
<br />
Once login we can see the FW version.<br />
<br />
[[File:Firmware Version Dashboard.png|frameless|624x624px]]<br />
<br />
<br />
Change the IP address to required IP, in this testing we are using 192.168.11.1 IP address.<br />
<br />
To do that Navigate to Settings>>Network from 192.168.10.1 to 192.168.11.1 and save / update.<br />
<br />
Upon IP changed configure VPN.<br />
<br />
Navigate to >> Settings>>VPN>> IPsec>> and do as per below images<br />
<br />
[[File:Fortigate firewall VPN config.png|frameless|624x624px]]<br />
<br />
<br />
[[File:Fortigate Firewall VPN Configuration Dashboard.png|frameless|624x624px]]<br />
<br />
<br />
Once all the configuration is correctly configured and clicked on save button device will show VPN configuration >> General settings.<br />
<br />
Save and then navigate to VPN>>Ipsec setting page and click on update.<br />
<br />
In some time IPsec will come up and it can be seen as established as shown below.<br />
<br />
<br />
[[File:VPN IPSEC changes RC44.png|frameless|624x624px]]<br />
<br />
Also in FortiGate it can be seen as below.<br />
<br />
[[File:Fortigate status.png|frameless|624x624px]]<br />
<br />
<br />
<br />
To Ping server LAN, navigate to features>>Others and give LAN IP and ping.<br />
<br />
If the ping is not working then check the firewall side settings whether the ping is allowed or not.<br />
<br />
<br />
[[File:Fortigate VPN Others Options.png|frameless|624x624px]]</div>Wikisysop