Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
douglas1942
New Contributor

IPSEC tunnel - does it need a dedicated IP address ?

Hello, I have a single public IP address on my Fortigate.

If I configured an IPSec tunnel using this address, will this interfere with my regular Internet bound traffic and incoming VIPs that also share this same public IP address ?

Or should I ask the ISP for an additional public IP address for my IPSEC tunnel ?

Thank you.

1 Solution
kcheng
Staff
Staff

Hi,

 

You can use the same public IP for both IPSec tunnel and regular internet traffic as well as incoming VIPs for as long as the port is available for IPSec connection. It is not a requirement to have a dedicated public IP to run IPSec VPN:

Cookbook | FortiGate / FortiOS 6.0.0 | Fortinet Documentation Library

Cheers,
Kayzie Cheng

View solution in original post

1 REPLY 1
kcheng
Staff
Staff

Hi,

 

You can use the same public IP for both IPSec tunnel and regular internet traffic as well as incoming VIPs for as long as the port is available for IPSec connection. It is not a requirement to have a dedicated public IP to run IPSec VPN:

Cookbook | FortiGate / FortiOS 6.0.0 | Fortinet Documentation Library

Cheers,
Kayzie Cheng