Background

At the early age of FortiManager , there a VPN Console which is a IPSec VPN Wizard across many FGT . Unless the "IPSec VPN Wizard" on FGT -- it is to configure a single FGT . FMG VPN Console try to handle higher level topology and generate configure file across many FGTs.  At 2011 , there a customer try to use VPN Console to configure a site to site , hub to spoke topology , total 200+ FGTs , they found the VPN Console need a week to generate configure and when add 201 FGT , all configure for all FGTs need regenerate again . The new Top3 case **1459** has been created to address the customer requirement . Later , Top3 case **1552** for Dialup topology and rename to VPN Manager 
* add cache feature , when add new VPN Node , only generate relate configure 
* add mode-cfg with forticlient support
* add dual-interface support
* add monitor and Google Map support
* add mix mode -- to support DVM IPsec and VPN manager together
* add FGT 5.6 , 6.0 GCM support in Phase1 and Phase2
* add customer zone support
* at Oct-2018 add DialUp topology Dual hub support
Some limitation need to know 
* VPN Manager not support all topology but common topology 
* only support One IPSec Interface mode , no tunnel mode support
* only support One Phase2-inteface over Phase1-interface
* Not support IPv6 , yet
* Not support SD-Wan, yet
* Not support ADVPN 

Common Topology

Common Topology

  • Full Mesh
  • Star
  • Dial-Up

Feature VPN

Feature VPN

  • Authentication with Local Certificate
  • DDNS
  • Multi-Home
  • Intra-VDOM VPN