Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MarcusI
New Contributor

Question about tunnel interface

Hi , First at all I want to say thanks for all support that always we can find here. The question is this: can I configure a tunnel in interface mode without a Policy Route? I remember have seen a guide where we have to configure 4 things : the tunnel, Policy Route, static route and policys IPv4...however a partner told me that Policy route is not necessary, I'm not sure abot this. I put this on the table because one time I configured the tunnel and it was UP without the Policy route but ther's no had anykind of traffic. My partner insisted that only with the static route it had must work...but until I put the Policy Route we have had traffic between our two localities. Correct me please if I'm wrong.

 

I'm using firmware 6.2.1 in differents models of fortigates.

Thanks in advance.

1 REPLY 1
Toshi_Esumi
Esteemed Contributor III

Introduction of interface-mode or route-base IPSec is not to need sticky policy route and route more easily and dynamically if necessary starting with 5.0 or even before(?) long time ago.

So, you need routes, instead of policy routes.

Labels
Top Kudoed Authors