Fortigate to Unifi VPN

6th February 2024

This was shockingly easy.


I removed all the Phase 1 encryption methods that weren’t being used and any DH group that didn’t match the Unifi.

The Phase 2 proposal was similarly trimmed down to only what matched the Unifi. Replay detection doesn’t seem to matter, so leave that on.
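The trimming described above, as an added FortiOS CLI example that is not from the original post. The tunnel name `to-unifi`, the broad "before" proposal list, the SHA-1 hash and DH group 14 are assumptions; use whatever the Unifi IKE and ESP settings actually show. AES-128 is the cipher the post says the Unifi uses.

```fortios
# Before (constructed): a broad Phase 1 offer, most of which the peer never selects
#   set proposal aes128-sha256 aes256-sha256 aes128-sha1 aes256-sha1
#   set dhgrp 14 5

# After: Phase 1 offers only the single suite the Unifi side is set to
config vpn ipsec phase1-interface
    edit "to-unifi"
        # assumed hash (SHA-1); AES-128 per the post
        set proposal aes128-sha1
        # assumed DH group; must equal the Unifi IKE DH group
        set dhgrp 14
    next
end

# Phase 2 trimmed the same way, with replay detection left on
config vpn ipsec phase2-interface
    edit "to-unifi-p2"
        set phase1name "to-unifi"
        # must equal the Unifi ESP encryption and hash
        set proposal aes128-sha1
        # must equal the Unifi ESP DH group when PFS is enabled there
        set dhgrp 14
        set replay enable
    next
end
```

Running `diagnose vpn ike gateway list` and `diagnose vpn tunnel list` after the tunnel comes up shows the negotiated suite, which confirms that nothing outside the trimmed list was selected.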

In Unifi Network 8.0.26, go to Settings > VPN > Site-to-Site VPN.

The Advanced section on Unifi doesn’t need to be set to Manual; I just wanted the IKE and ESP settings to show, as we are matching those on the Fortigate.

My only concern here is that the Unifi uses AES-128 because it doesn’t have a very powerful CPU.