Site-to-site IPSec VPN with thirdy party products using private IP address on WAN.

Forum|Forum|10 years ago
June 24, 2015
2 replies
5282 views

Hi All,

I have a Fortigate and trying do a site-to-site IPSec VPN with a thirdy party equipment.

This equipment use a private IP address in it's WAN interface (10.x.x.x), delivered by ISP.

How can I do to configure this VPN?

The option to use dynamic dns doesn't work because the dynamic dns of Fortiguard use the IP of the Wan interface and not the public IP address of my ISP.

Regards,

Claudio Rezende

gschmitt

New Member

Do you have a static public IP?

Can you enable Port Forwardings on the ISPs device or all ports forwarded to the FortiGate?

rezendecsAuthor

New Member

@gschmitt,

In side of Fortigate I have static public IP address, but in other side not, and I don't have access to ISP router to forward the traffic to firewall.

Regards,

Claudio

gschmitt

New Member

Go to VPN > IPSec > Tunnels

Enter a Name and select Custom VPN Tunnel

IPv4

Static IP Address

Enter the IP Address of the other side

Select the connected interface (usually wan1)

Preshared Key > Enter the key for dialup

Select encryption as needed and the local and remote address

On the other side (assuming it's fortigate)

Copy nearly all settings from above but select Dialup User as Remote Gateway

Make sure policies and routes on both sides are created or add them if needed.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded