Curious to see if anybody has configured their Fortigate to use a VPN service such as PIA, NordVPN or any of the million other ones that exist. I currently use pfsense at home due to it being able to use OpenVPN however I would love to switch to using my 60E if I can find a provider that supports the device.
Thanks in advance!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
if you asking can a FORTIGATE act as a vpn_client, than the answer is no it can not. I'm not aware of the fortigate appliance acting like a ipsec or sslvpn client.
PCNSE
NSE
StrongSwan
I have to disagree, he mention the following;
such as PIA, NordVPN
These are private internet anonymous vpn solution akai dialup vpn-servers solution. A fortigate is not vpn-client
PCNSE
NSE
StrongSwan
Yeah, was talking about it being a VPN client. Definitely sad to hear :'(
I'm aware of it being able to be used for site to site as I currently already used several fortigates to connect to Azure.
Hi Ashlan,
Late reply but maybe you are still looking for it and otherwise i might help someone else with it.
Yes it is possible to use a Fortigate as a VPN client, took me a long while to figure out there i'm relatively new to the Fortigate world but helped my learning curve greatly!
I have it working with NordVPN.
On the website of Nordvpn there is a description on how to setup an L2TP connection initiated from you WAN interface.
This procedure works but then you will run into speed limitation of the L2TP setup.
What i did is setup the L2TP client according to their instructions but skip the routing part at the end.
Under routing monitoring you can see that the default route changed to a 10.x.x.x address as next-hop.
If you do not see the 10.x.x.x address as next-hop you will need to remove a static route (you'll recognise the one if you see it)
Your traffic is now VPN'ed.
I then changed the Administrative Distance of my normal static default route to 1, this causes your traffic to flow back over your normal internet connection.
I then created a policy based route to direct specific traffic towards the VPN tunnel by specifying the 10.x.x.x address you found earlier under Monitoring -> Routing
I simply created a separate SSID here with its own VLAN and gave that its interface on the FG (DHCP etc.).
So when i connect to that SSID the traffic will be redirected towards the VPN tunnel.
We just use it for unlocking the Netflix region filter but the policy based route can of course be tuned to redirect anything you want.
Works like a charm!
If you would like more help on this just reach out.
Regards,
Cy.
Again, a fortigate can not act like a vpn client . If your referring to this link
https://nordvpn.com/tutorials/fortinet-fortigate/l2tp/
Even nord tells you this is NOT a vpn as in your traffic is not encrypted. This a L2TP client access which is not a VPN.
[link]https://forum.fortinet.com/tm.aspx?m=98720[/link]
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.