Netskope Help

Configure FortiGate

There’re two options to accomplish the configuration: CLI and GUI. CLI is faster, but some users are more comfortable with the GUI option. Both are covered here.

Configure FortiGate using a CLI
  1. Create a VPN IPsec Phase 1.

    image1.png
  2. Create a VPN IPsec Phase 2.

    image2.png
  3. Create at least one policy with VPN interface associated. For example:

    image3.png
  4. Create a route to push VPN into RIB.

    image4.png
  5. Create a policy-based router to redirect webtraffic to Netskope.

    image5.png
How to Configure FortiGate using WebUI

To begin, you must create a VPN IPsec interface.

  1. Create a new IPsec Tunnel.

    image6.png
  2. Find the command Wizard and select Custom.

    image7.png
  3. In the Remote Gateway section, enter the IP Address and Interface information. Continue to the Authentication section and complete the Method and Pre-shared Key sections.

    image8.png
  4. Complete the Phase 1 section.

    image9.png

    Note

    The Local ID must be the same as Source Identity in your Netskope tenant.

  5. Complete the Phase 2 section. Enter the appropriate information into the Diffie-Hellman Group and Seconds sections.

    image10.png
  6. Click OK.