VPN Setup with Fortinet
The following guide describes how to set up a secure VPN tunnel between the Monogoto account and the Fortinet Networks interface.
Last updated
The following guide describes how to set up a secure VPN tunnel between the Monogoto account and the Fortinet Networks interface.
Last updated
1. Log in to the Monogoto portal and go to Network.
2. Edit your “data.mono” network (EU zone) or "vpnus.mono" network (US zone).
3. Go to Address Pools and copy IP Address/Mask.
4. Go to Routes and copy Gateway IP.
5. Now we need to add a Route to the VPN in Monogoto portal -> Network -> Routes section and Add new
Destination = VPN IP address and mask Gateway = select Monogoto gateway Save and Close -> Apply Settings
6. Lets add a VPN on the Monogoto portal. Please go to Network -> VPN section and Add a new VPN.
Destination IP Address = Fortinet Networks Tunnel Outside IP Address Destination Network = Fortinet Networks VPC IPv4 CIDR Pool Name = Select your pool Save and Close -> Apply Settings
7. Now that we have created the VPN on the Monogoto end, download a VPN config file that will have all of the needed information for VPN configuration on the Fortinet Networks end.
To set up the VPN on the Fortinet, First we will set up a VPN using the wizard, and then we will customize it
8. Go to the Fortinet user interface.
Got to: 9.1 VPN->IPsec Wizard and: 9.2 Give the VPN name, 9.3 Chose Site-to-Site, 9.4 This site is behind NAT, 9.5 Remote device Cisco, 9.6 Press “Next”
On this page: 10.1 Set the Remote IP address of Monogoto GateWay, 10.2 Chose the outgoing interface of your Fortinet WAN, 10.3 Copy the Pre-Shared Key 10.4 Press “Next”
11. On this page:
11.1 Set the Local interface 11.2 Set the Local Subnet 11.3 Set the remote Subnet (the subnet of the SIM cards) 11.4 Press "Create"
12. On the main menu go to VPN -> IPsec Tunnels, find the new IPsec tunnel we created, and double-click it
13. In order to change the default values press the "Convert To Custom Tunnel" button
14. Press edit on the Phase 1 Proposal
15. Set:
15.1 Encryption to AES128 15.2 Authentication to SHA1 15.3 Diffie-Helman Group to “2” 15.4 Key Lifetime 28800 sec
16 Press “edit” of Phase 2 Selecter:
17. Set:
17.1 Encryption to AES128 17.2 Authentication to SHA1 17.3 Diffie-Helman Group to “2” 17.4 Key Lifetime to 3600 sec
18. Press OK at the bottom to save all changes. The IPsec Tunnel should be UP in a few seconds
19. Go back to Monogoto portal Network -> VPN. Check if our created VPN status is shown as Connected, if it is not, please press on Refresh button.
20. When the status of the VPN is Connected, you may check the connection by doing a ping. You can do this by pressing on Ping button.
That's all, now the VPN tunnel is connected.
