Description | This article describeshow to move DialUP VPN from the default VRF to another. |
Scope |
FortiGate v7.0+. FortiClient v7.0+. |
Solution |
In this example, DialUP and LAN interface belongs to VRF default (VRF 0). These interfaces will be moved to VRF 3.
The DialUP VPN is already configured and working. DialUP users can reach the LAN interface:
Port4 -> WAN interface. DialUp -> VPN DialUP interface that is bound to WAN (Port4) Port3 -> LAN interfaces
FGT-VM04 (root) # get router info routing-table database Routing table for VRF=0
Change the VRF ID on each interface:
1) DialUP interface:
# config system interface
2) LAN interface:
# config system interfac
3) When the user connects to the VPN via FortiClient, the routing-table shows the following:
FGT-VM04 (root) # get router info routing-table database Routing table for VRF=0 Routing table for VRF=3
DialUp and Port3 are members of the same VRF. The 10.213.13.1 is the IP got by FortiClient. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.