Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
SSUPPORT
New Contributor

Created on ‎09-08-2023 08:32 AM

AWS GWLB cross AZ

In reference to the below article.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-GEneric-NEtwork-Virtualization...

The below traffic config 

config system geneve

    edit "consumer"             

        set interface "port1"

        set type ppp    <- case where the internal packet has no Ethernet Header.

        set remote-ip 10.4.1.22 <- GENEVE tunnel remote peer IP address.            

    next

end

 

1. In the above config , when we deploy customer VPC in 2 AZs and with 2 GWLBendpoints

 

2. What do we configure on the GENEVE interface as remote iP , will this be the GWLB IP address from the same subnet as Security VPC  or the Remote GWLBe endpoint IP address

 

Labels:
972
0 Kudos
3 REPLIES 3
Anthony_E
Community Manager
Community Manager

Created on ‎09-10-2023 09:27 PM

Hello SSUPPORT,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
929
0 Kudos
Anthony_E
Community Manager
Community Manager

Created on ‎09-12-2023 10:50 PM

Hello SSUPPORT,

 

We are still looking for someone to help you.

We will come back to you ASAP.


Regards,

Anthony-Fortinet Community Team.
897
0 Kudos
saneeshpv_FTNT
Staff
Staff

Created on ‎09-17-2023 11:23 PM

Hi @SSUPPORT ,

 

Not sure if you have seen this article.

 

https://aws.amazon.com/blogs/networking-and-content-delivery/integrate-your-custom-logic-or-applianc...

 

Anyway, based on the flow explained in this article, your Security appliance (ex: FGT here) should be configured the Remote IP as the IP address of GWLB and not GWLBE. One GWLB can be connected to many GWLBEs.

 

Not sure if this clarifies your questions. If not please open a case with Fortinet Support for additional help.

 

Best Regards,
Saneesh

864
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.