Hi Guys, i need to configure a vpn site-to-site between Fortigate100E in HA and Azure . The Fortigate is set with 2 wans in load balancing .
I want to know how to configure this vpn from the Firewall with two wans to Azure Cloud , in such a way that to have a high reliability of the vpn (in case one of the line is down the vpn is routed to the other active line) .
Firmware version of two firewalls is 6.0.2
thanks for your support
Antonio
Hi tony85,
in my environment (dealing with two fortigates) what I did to configure a vpn failover is configuring two identical vpns (on the fortigate side), one with interface set to wan1 and the other with wan2.
Once done that, if you edit the backup vpn through the cli, there is a setting "set monitor ' '" which allows you to set the failover vpn in monitor mode with respect to the other one.
So for example:
- VPN-Headquarter (wan1)
- VPN-Backup (wan2)
Enter the cli:
- config vpn ipsec phase1-interface
- edit VPN-Backup
- set monitor 'VPN-Headquarter'
-end
Done that, you will se up only the primary one. If the wan1 interface goes down, the backup one will come up.
Hopefully this configuration will help you.
Eleonora
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
