FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This articles describes about adding a new subnet to existing site-to-site tunnel created by wizard without converting it to a custom tunnel.
6.0, 6.2, 6.4 ,7.0, 7.2 v.
Users are having issue when trying to add a new subnet to the existing address group created by wizard.
Only addresses created by the wizards are visible and can be added as members, addresses, created other than wizard are not available in the options for adding it to the site-to-site tunnel address group.
Go to Policy & objects - > Addresses, select one of the addresses created by wizard and right click on it and option to ‘Clone’ should appear. After giving it a name, edit this newly cloned address and change the Ip/netmask to the new desired subnet that needs to be added to the site-to-site tunnel and select on ‘Ok’.
Then go to address group where address needs to be added and one will see it is now available to add it to the list of members.
Now Add this address as member and select ‘OK’ to save this setting and now user will see this new subnet is added to the VPN site-to-site Tunnel.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.