Skip to main content
raven403
raven403
New Member
May 18, 2025
Question

DM VPN

  • May 18, 2025
  • 2 replies
  • 728 views

Hi everyone,

I'm currently working on configuring a Dynamic VPN (DVPN) setup using FortiGate firewalls. The topology includes two main hubs and multiple spokes (branch offices). I'm trying to understand the best way to structure the VPN connections.

My question is: Is it possible to configure a single tunnel from each spoke that connects to both hubs, or is it required to set up a separate tunnel from each spoke to each hub individually https://100001.onl/

2 replies

kaman
Staff
kaman
Staff
May 18, 2025

Hi Raven403,

In a dynamic VPN (dial-up VPN) setup using FortiGate firewalls, each spoke (branch office) typically needs to establish a separate tunnel to each hub

Please refer to the document below for more information:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Dialup-VPN-Configuration-Between-Two-FortiGates/ta-p/197667

If you have found a solution, please like and accept it to make it easily accessible to others.


Regards,
Aman

Yurisk
SuperUser
Yurisk
SuperUser
May 18, 2025

Hi, no, in Fortinet world you have to have 2 separate tunnels to 2 hubs if you want the 2nd hub to be used. It is, after all, ADVPN, not DMVPN by Cisco, it may look similar, but underlying mechanisms are completely different. 

 

Terms & ConditionsAccessibility statement