I will post another article on the same subject, but then I’ll make the tunnel as secure as I can, (watch this space). Couple that with all the weak Crypto sets that get enabled, because someone might have a hardware firewall from 1981 or something! So in production I’d consider doing things a little more manually. Which means it enables IKEv1 NOT IKEv2 on the Fortigate, and BOTH IKEv1 and IKEv2 gets enabled on the Cisco ASA. This is designed for the ‘Let’s just make it work, who cares what’s going on under the hood‘ generation. ![]() ![]() Well that’s the pretty picture, I’m building this EVE-NG so here’s what my workbench topology looks like ĭisclaimer (Read First! Especially before posting any comments!)įortinet prides itself on you not needing to use the CLI, (until you actually need to use the CLI of course!) But both ends are configured using the GUI and ASDM.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |