ssn179
New Member
November 19, 2019
Solved

how to route traffic initiated from location to location C via location B on Fortigate?


Hi,

We have a requirement to set up connectivity on FortiGate as below:

1) We have our offices in Country A and Country B.
2) We need to access a third-party application hosted in Country C, for which connectivity has been allowed by the third-party application owner by whitelisting the Country B FortiGate WAN IP.
3) Our application, hosted on servers behind the firewall in Country A, has to access the application hosted in Country C via/through the Country B firewall.

The flow will be like: the request will be initiated by Country A servers towards the Country B firewall, and then the Country B firewall has to route the request to the Country C third-party application using the Country B firewall WAN IP (because the WAN IP is whitelisted by the application owner).

Please advise how to achieve this and what configuration is required on our Country A and Country B FortiGate firewalls. As of now there is no connectivity established between the Country A and Country B firewalls.

Best answer by Toshi_Esumi

Looks correct once you put the static route for D.D.D.D/32 and 172.20.200.0/24 toward the tunnel at FGT-A. Then for 10.10.10.0/24 toward the tunnel at FGT-B. 

1 reply

Toshi_Esumi
SuperUser
November 19, 2019

Set up a site-to-site VPN for the application's final destination(s), then route it through the tunnel without NAT. Once the traffic reaches the Country B location, it will be NATed to go out to the internet toward the provider.

ssn179
Author
New Member
November 20, 2019

@toshiesumi,

Can you please advise the IPsec configuration on both the firewalls under phase-2 hosts? And also the IPv4 policies & routes to be added, if any.

Appreciate your kind help please.
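
The design in the replies above, written out as FortiOS CLI for both firewalls; this is an added example, not configuration posted by anyone in the thread. It assumes 10.10.10.0/24 is the Country A server subnet and D.D.D.D the Country C application (the roles the best answer's routes suggest), and the tunnel, interface, address-object and service names are hypothetical; the 172.20.200.0/24 route is left out because the thread does not say what that subnet is.

```fortios
# Added example. Assumed names: tunnels "to-B"/"to-A" (phase 1 already up),
# interfaces "lan"/"wan1", address objects "A-servers" (10.10.10.0/24) and
# "app-C" (D.D.D.D/32), service HTTPS. D.D.D.D is the thread's placeholder.
# ---- FGT-A (Country A): application traffic into the tunnel, no NAT ----
config vpn ipsec phase2-interface
    edit "to-B-app"
        set phase1name "to-B"
        set src-subnet 10.10.10.0 255.255.255.0
        set dst-subnet D.D.D.D 255.255.255.255
    next
end
config router static
    edit 0
        set dst D.D.D.D 255.255.255.255
        set device "to-B"
    next
end
config firewall policy
    edit 0
        set srcintf "lan"
        set dstintf "to-B"
        set srcaddr "A-servers"
        set dstaddr "app-C"
        set action accept
        set schedule "always"
        set service "HTTPS"
        set nat disable
    next
end
# ---- FGT-B (Country B): phase 2 mirrors FGT-A with subnets swapped; NAT on egress ----
config router static
    edit 0
        set dst 10.10.10.0 255.255.255.0
        set device "to-A"
    next
end
config firewall policy
    edit 0
        set srcintf "to-A"
        set dstintf "wan1"
        set srcaddr "A-servers"
        set dstaddr "app-C"
        set action accept
        set schedule "always"
        set service "HTTPS"
        set nat enable
    next
end
```

With `set nat enable` the FGT-B policy translates the source to the wan1 interface address, so that address has to be the one the application owner whitelisted. Restricting `srcaddr`, `dstaddr` and `service` on both policies keeps the tunnel from becoming a general path to the internet through Country B.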