Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AtiT
Valued Contributor

SD-WAN HUB in Azure is possible?

Hello, is there anyone who is running SD-WAN HUB in Azure? The FortiGate HUB has private IP on WAN side and the FortiManager will configure the SPOKEs to create IPSec connection to this private IP, not the public one.

 

I tried to set the local-gw in the IPSec configuration on the HUB in Azure to the public IP than the ike debug showed the SPOKE trying to connecting but No Proposal Choosen was the result. (probably the FortiGate excepted the connection to the public IP not to the private one)

If I chagne the private IP on the SPOKE to the public one the tunnel goes up. But every policy package install will rewrite back the IPSec remote-gw IP to the private one.

 

How to fix this?

AtiT
--------------------
NSE 8, CCNP R+S

0 REPLIES 0