Skip to main content
AtiT
AtiT
New Member
July 19, 2021
Question

SD-WAN HUB in Azure is possible?

  • July 19, 2021
  • 1 reply
  • 1840 views

Hello, is there anyone who is running SD-WAN HUB in Azure? The FortiGate HUB has private IP on WAN side and the FortiManager will configure the SPOKEs to create IPSec connection to this private IP, not the public one.

 

I tried to set the local-gw in the IPSec configuration on the HUB in Azure to the public IP than the ike debug showed the SPOKE trying to connecting but No Proposal Choosen was the result. (probably the FortiGate excepted the connection to the public IP not to the private one)

If I chagne the private IP on the SPOKE to the public one the tunnel goes up. But every policy package install will rewrite back the IPSec remote-gw IP to the private one.

 

How to fix this?

    1 reply

    Hatibi
    Staff & Editor
    Hatibi
    Staff & Editor
    April 11, 2024

    Hi AtiT,

     

    following Deplyoment guide shows how to implement SD_WAN HUB in Azure:

    https://docs.fortinet.com/document/fortigate-public-cloud/7.4.0/azure-vwan-sd-wan-ngfw-deployment-guide/372408/microsoft-azure-vwan-and-nva-overview

     

    Regards

      Terms & ConditionsAccessibility statement