Tag: ipsec

Juniper SRX Site to Site VPN (cli)

Create a Secure Tunnel interface to be used for the route-based VPN:
    set interfaces st0 unit 1 description "VPN from Site1 to Site2"
    set interfaces st0 unit 1 family inet
Put the Secure Tunnel interface in the security zone VPN:
    set security zones security-zone VPNs interfaces st0.1
Create the Phase 1 IKE security proposal:
    set security…




Cisco ASA Site to Site VPN using ASDM

(Using most common configuration)
1) Configuration -> Site-to-Site VPN -> Connection Profiles
   Allow IKEv1 access on the outside interface
2) Configuration -> Site-to-Site VPN -> Advanced -> IKE Policies
   Priority 10
   Authentication: pre-share
   Encryption: aes-256
   DH Group: 2
   Hash: sha
   Lifetime: 86400 seconds
3) Configuration -> Site-to-Site VPN -> Advanced -> Tunnel Groups
   Name: IP…




Cisco ASA Site to Site VPN Configuration (CLI)

(Using most common configuration)
1) Enable IKEv1 on the outside interface:
    crypto ikev1 enable outside
2) Create the IKEv1 policy. This defines the algorithms used for encryption, hashing, DH group, authentication and lifetime:
    crypto ikev1 policy 10
     encryption aes-256
     hash sha
     group 2
     authentication pre-share
     lifetime 86400
3) Create a Tunnel Group and define…




Fortigate VPN Troubleshooting

Use the following commands to check the Phase1/Phase2 configuration:

show vpn ipsec phase1-interface
    edit "NAME_OF_VPN_P1"
        set interface "INTERNEToutside"
        set proposal aes256-sha256
        set remote-gw 1.2.3.4
        set psksecret ENC
    next

show vpn ipsec phase2-interface
    edit "NAME_OF_VPN_P2"
        set dst-addr-type name
        set phase1name "NAME_OF_VPN_P1"
        set proposal aes256-sha1
        set replay disable
        set src-addr-type name
        set dst-name "NETWORK_DST_10.1.1.0/23"
        set keylifeseconds 28800…