In this recipe, you will use the FortiGate IPsec VPN Wizard to set up an IPsec VPN between a FortiGate and a device running Windows Phone 10. The configuration will allow Windows Phone 10 users to securely connect to an internal network.
The IPsec VPN is a pre-shared key configuration that also requires users to authenticate with their own credentials to be able to connect to the VPN.
This recipe assumes that a user (dprince) and a user group (WinPhone_Users) have already been created on the FortiGate.
A Windows Phone 10 Lumia 930 running build 10581 was used for this configuration.
1. Configuring the IPsec VPN using the IPsec VPN Wizard |
|
|
Go to VPN > IPSec Wizard. Name the VPN connection (WinPhoneVPN). Select the Remote Access template, select the Windows Native device type, and select Next. |
 |
|
Set the Incoming Interface to the Internet-facing interface (wan1). Select the Pre-shared Key authentication method and enter a pre-shared key. Select the WinPhone_Users user group and select Next. |
 |
|
Set Local Interface to the internal interface and set Local Address to all. Enter an IP address range for VPN users in the Client Address Range field, enter a Subnet Mask, and select Create. Make sure no other interfaces on the FortiGate are using the same address range. |
 |
|
A summary page shows the wizard’s configuration. |
 |
| Go to Policy & Objects > IPv4 Policy and confirm that the wizard has created two policies: one policy for remote users to access the VPN, and one policy that has Service set to L2TP. |  |
2. Connecting to the IPsec VPN from the Windows Phone 10 |
|
| On the Windows Phone 10, go to Settings > Network & wireless > VPN and select Add a VPN connection. |  |
|
Enter a Connection name and set the Server name or address to the FortiGate’s Internet-facing interface. Set VPN type to Automatic and enter the pre-shared key — this key is the same one you added to the FortiGate. Select Save. |
 |
3. Results |
|
|
You will now connect to the IPsec VPN tunnel. From the VPN screen, select TheOffice. Sign in and connect using dprince‘s credentials. |
|
|
You should now be connected to the IPsec VPN. |
 |
| To verify the connection, on the FortiGate, go to Log & Report > VPN Events. |  |
| You may also verify the user’s connection by going to FortiView > VPN. |  |
The post IPsec VPN for Windows Phone 10 appeared first on Fortinet Cookbook.