IPSec Site-To-Site VPN between Fortigate and Cisco Router
Today I will talk about how to setup a IPSec Site-to-site between a Fortigate firewall and Cisco IOS router. Our network topology looks like this - IPSec Site-to-Site VPN All the devices are configured with necessary IP addresses according to the network diagram. Traffic between 192.168.10.0/24 and 192.168.20.0/24 will travel via IPSec tunnel. The tunnel is created over the 172.16.51.0/24 network. In this example the tunnel endpoints are in the same network. In real life they are almost always in different networks controlled by different companies. We will start configuring the Cisco IOS router first. Creating isakmp policy (phase 1) crypto isakmp policy 10 hash md5 encryption des authentication pre-share group 5 Here we are defining our policy for phase 1 which are - Encryption - DES Authentication - MD5 D-H group - DH5 Authentication Method - pre-shared key Defining pre-shared key and peer crypto isakmp key juniper address 172.16.51.1