Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ad2104
New Contributor II

Created on ‎05-21-2024 06:30 AM

ADVPN Setup- Hub and Spokes Wan Interfaces connected via L2 VPLS

 

I need to setup ADVPN (using iBGP) between a Hub and 10 Spokes. Hub to Spokes and Spoke to Spoke (shortcut tunnel) communication is needed.

Hub and Spoke's Wan Interfaces are connected via Layer 2 VPLS network.

Would you please advise if ADVPN setup is feasible in such topology where Hub and Spokes FTG's WAN interface is connected by Layer2 VPLS?

 

ADVPN_Sample-Topology.PNG

Thank you

Labels:
303
0 Kudos
2 Solutions
ad2104
New Contributor II
In response to ozkanaltas

Created on ‎05-21-2024 07:05 AM

Hi @ozkanaltas ,

Thank you for your response and document links. Config wizard looks really good, I am sure it will help. 

The other link mentioned to create a static route for WAN Interface, I am not sure what Gateway IP i can provide in case of VPLS infrastructure. Would you kindly suggest?

 

FGT_WAN_Interface.png

Thank you

View solution in original post

266
0 Kudos
ozkanaltas
Valued Contributor II
In response to ad2104

Created on ‎05-21-2024 07:14 AM

Hello @ad2104 ,

 

You don't need to do that configuration. Because your FortiGates are on the same broadcast domain. This configuration is for if your FortiGates isn't on the same broadcast domain. 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW

View solution in original post

If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
262
4 REPLIES 4
ozkanaltas
Valued Contributor II

Created on ‎05-21-2024 06:40 AM Edited on ‎05-21-2024 06:40 AM

Hello @ad2104 ,

 

You can build this structure on VPLS infrastructure. You can review this document. This document shows how you can create advpn with config wizard. Config wizard creates everything on behalf of you.

 

https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/853412/ipsec-vpn-wizard-hub-...

 

https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/820072/advpn-with-bgp-as-the...

 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
283
ad2104
New Contributor II
In response to ozkanaltas

Created on ‎05-21-2024 07:05 AM

Hi @ozkanaltas ,

Thank you for your response and document links. Config wizard looks really good, I am sure it will help. 

The other link mentioned to create a static route for WAN Interface, I am not sure what Gateway IP i can provide in case of VPLS infrastructure. Would you kindly suggest?

 

FGT_WAN_Interface.png

Thank you

267
0 Kudos
ozkanaltas
Valued Contributor II
In response to ad2104

Created on ‎05-21-2024 07:14 AM

Hello @ad2104 ,

 

You don't need to do that configuration. Because your FortiGates are on the same broadcast domain. This configuration is for if your FortiGates isn't on the same broadcast domain. 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
263
ad2104
New Contributor II
In response to ozkanaltas

Created on ‎05-21-2024 07:18 AM

Thank you @ozkanaltas 

257
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.