Configuring Site to Site VPN in FortiGate 300E

Hi Tahhan

Sure you can. Your FortiGate with dynamic IP must be configured as dialup client.

https://docs.fortinet.com/document/fortigate/7.6.1/administration-guide/6896/fortigate-as-dialup-client

Hope it helps.

Or, just use DDNS that FTNT/FGT offers.

Toshi

Hello T@tahhan

Yes, you can configure a site-to-site VPN between two sites using a FortiGate 300E, even if one of the sites has a dynamic IP address. Here are the general steps to achieve this:

1. Set up Dynamic DNS (DDNS) on the FortiGate with the dynamic IP address:
- Ensure the DDNS service is functioning correctly on the FortiGate.
- Configure the FortiGate to use FortiDDNS with a unique location name corresponding to the WAN interface.
- For detailed steps on configuring Dynamic DNS on FortiGate, you can refer to the link provided in the configuration guide.

2. Navigate to VPN -> IPSec tunnels on the FortiGate:
- Create a new tunnel.
- For the remote gateway, choose 'Dynamic DNS' and input the remote site's DDNS name.
- Select the external interface (WAN) that will be used to communicate with the remote site.

By following these steps, you can establish a site-to-site VPN between the FortiGate 300E and a remote site with a dynamic IP address.

ref:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-IPsec-VPN-between-static-and-dynamic-IP-FQDN/ta-p/191815

Regards!