Fortigate Transparent Remote Access VPN

Question

Hello all,

I am using Fortigate F60 in transparent mode at Homelab using DSLRouter as WIFR Router,DHCP Server and Internet GW with Static Public IP . Now I want to use Fortigate as Remote Access VPN, as per my basic Fortigate knowledge may be it not possible due to DHCP service are not available in tranparent mode.

Is there any possbility to configure Remote VPN Access in transparent mode.

Regards

kaman · Answer

Hi uniquewaheed,   FortiGate in transparent mode has significant limitations, especially when it comes to layer 3 services like DHCP, NAT, and VPN, because it's operating at Layer 2 (bridging) rather than Layer 3 (routing).     VPNs between two FortiGate units running in transparent mode do not support inbound/outbound NAT (supported through CLI commands) within the tunnel. In addition, a FortiGate unit running in transparent mode cannot be used in a hub-and-spoke configuration.   In a transparent VPN configuration, two FortiGate units create a VPN tunnel between two separate private networks transparently. All traffic between the two networks is encrypted and protected by FortiGate security policies.   Both FortiGate units may be running in transparent mode, or one could be running in transparent mode and the other running in NAT mode. If the remote peer is running in NAT mode, it must have a static public IP address.   You can refer to the document below for more information:   https://docs.fortinet.com/document/%20fortigate/6.0.0/handbook/815755/configuration-overview   If you have found a solution, please like and accept it to make it easily accessible to others.   Regards, Aman

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded