TechTalkSecurity

  Interface: config system interface     edit "port1"         set vdom "root"         set ip 192.168.0.108 255.255.255.0         set allowaccess ping https ssh http         set type physical         set netflow-sampler both         set alias "WAN1"         set lldp-reception enable         set role wan         set snmp-index 1         set secondary-IP enable         set mtu-override enable         set mtu 1000     next     edit "port4"         set vdom "root"         set ip 20.20.20.108 255.255.255.0         set allowaccess ping         set type physical         set alias "LAN"         set snmp-index 8     next VPN Config: Phase1: config vpn ipsec phase1-interface     edit "IKEv2"         set type dynamic         set interface "port1"         set ike-version 2         set peertype one         set net-device disable         set mode-cfg enable         set ipv4-dns-server1 192.168.0.254         set proposal a

Interface:  config system interface     edit "port2"         set vdom "root"         set ip 14.140.40.108 255.255.255.0         set allowaccess ping https         set type physical         set alias "WAN2"         set role dmz         set snmp-index 2     next     edit "port4"         set vdom "root"         set ip 20.20.20.108 255.255.255.0         set allowaccess ping         set type physical         set alias "LAN"         set snmp-index 8     next     edit "test"         set vdom "root"         set type tunnel         set snmp-index 9         set interface "port2"     next end IKEv2 VPN: config vpn ipsec phase1-interface     edit "test"         set interface "port2"         set ike-version 2         set peertype any         set net-device disable         set proposal aes256-sha256         set dhgrp 2         set nattraversal disable         set transport udp         set re

  IPsec Tunnel Interface: config system interface     edit "tun1-isp1"         set vdom "root"         set ip 172.16.1.1 255.255.255.255         set allowaccess ping         set type tunnel         set remote-ip 172.16.1.2 255.255.255.0         set snmp-index 9         set interface "port1"     next end config system interface     edit "tun2-isp2"         set vdom "root"         set ip 172.16.2.1 255.255.255.255         set allowaccess ping         set type tunnel         set remote-ip 172.16.2.2 255.255.255.0         set snmp-index 11         set interface "port2"     next end config vpn ipsec phase1-interface     edit "tun1-isp1"         set interface "port1"         set peertype any         set net-device disable         set proposal aes128-sha256         set comments "VPN:  -- Created by VPN wizard"         set wizard-type simplified-static-fortigate         set nattraversal disable         se