# VPN Setup with Fortinet 1\. Log in to the Monogoto portal and go to *Network.* 2\. Edit your **“vpneu.mono”** network (EU zone) or **"vpnus.mono"** network (US zone).

3\. Go to Address Pools and copy IP Address/Mask.

4\. Go to Routes and copy Gateway IP.

5\. Now we need to add a Route to the VPN in Monogoto portal -> Network -> Routes section and Add new Destination = VPN IP address and mask\ Gateway = select Monogoto gateway\ Save and Close -> Apply Settings 6\. Lets add a VPN on the Monogoto portal. Please go to Network -> VPN section and Add a new VPN. Destination IP Address = Fortinet Networks Tunnel Outside IP Address\ Destination Network = Fortinet Networks VPC IPv4 CIDR\ Pool Name = Select your pool\ Save and Close -> Apply Settings

7\. Now that we have created the VPN on the Monogoto end, download a VPN config file that will have all of the needed information for VPN configuration on the Fortinet Networks end.

To set up the VPN on the Fortinet, First we will set up a VPN using the wizard, and then we will customize it 8\. Go to the Fortinet user interface. 9. Got to:\ 9.1 VPN->IPsec Wizard and:\ 9.2 Give the VPN name,\ 9.3 Chose Site-to-Site,\ 9.4 This site is behind NAT,\ 9.5 Remote device Cisco,\ 9.6 Press “Next”

10. On this page:\ 10.1 Set the Remote IP address of Monogoto GateWay,\ 10.2 Chose the outgoing interface of your Fortinet WAN,\ 10.3 Copy the Pre-Shared Key\ 10.4 Press “Next”

11\. On this page: 11.1 Set the Local interface\ 11.2 Set the Local Subnet\ 11.3 Set the remote Subnet (the subnet of the SIM cards)\ 11.4 Press "Create"

12\. On the main menu go to VPN -> IPsec Tunnels, find the new IPsec tunnel we created, and double-click it

13\. In order to change the default values press the "Convert To Custom Tunnel" button

14\. Press edit on the Phase 1 Proposal

15\. Set: 15.1 Encryption to AES128\ 15.2 Authentication to SHA1\ 15.3 Diffie-Helman Group to “2”\ 15.4 Key Lifetime 28800 sec

16 Press “edit” of Phase 2 Selecter:

17\. Set: 17.1 Encryption to AES128\ 17.2 Authentication to SHA1\ 17.3 Diffie-Helman Group to “2”\ 17.4 Key Lifetime to 3600 sec

18\. Press OK at the bottom to save all changes. The IPsec Tunnel should be UP in a few seconds

19\. Go back to Monogoto portal Network -> VPN. Check if our created VPN status is shown as Connected, if it is not, please press on Refresh button.

20\. When the status of the VPN is Connected, you may check the connection by doing a ping. You can do this by pressing on Ping button.

That's all, now the VPN tunnel is connected. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.monogoto.io/advanced-console/platform/vpn-setup-examples/vpn-setup-with-fortinet.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.