- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: Anybody connect their Fortigate to a VPN servi...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Anybody connect their Fortigate to a VPN service?
Curious to see if anybody has configured their Fortigate to use a VPN service such as PIA, NordVPN or any of the million other ones that exist. I currently use pfsense at home due to it being able to use OpenVPN however I would love to switch to using my 60E if I can find a provider that supports the device.
Thanks in advance!
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
if you asking can a FORTIGATE act as a vpn_client, than the answer is no it can not. I'm not aware of the fortigate appliance acting like a ipsec or sslvpn client.
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sounds like you may mean a “site to site” VPN and yes, the Fortigate can do site to site IPSec, we run it from our FG80D to Amazon web service VPN.
GL
IT
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have to disagree, he mention the following;
such as PIA, NordVPN
These are private internet anonymous vpn solution akai dialup vpn-servers solution. A fortigate is not vpn-client
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yeah, was talking about it being a VPN client. Definitely sad to hear :'(
I'm aware of it being able to be used for site to site as I currently already used several fortigates to connect to Azure.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Ashlan,
Late reply but maybe you are still looking for it and otherwise i might help someone else with it.
Yes it is possible to use a Fortigate as a VPN client, took me a long while to figure out there i'm relatively new to the Fortigate world but helped my learning curve greatly!
I have it working with NordVPN.
On the website of Nordvpn there is a description on how to setup an L2TP connection initiated from you WAN interface.
This procedure works but then you will run into speed limitation of the L2TP setup.
What i did is setup the L2TP client according to their instructions but skip the routing part at the end.
Under routing monitoring you can see that the default route changed to a 10.x.x.x address as next-hop.
If you do not see the 10.x.x.x address as next-hop you will need to remove a static route (you'll recognise the one if you see it)
Your traffic is now VPN'ed.
I then changed the Administrative Distance of my normal static default route to 1, this causes your traffic to flow back over your normal internet connection.
I then created a policy based route to direct specific traffic towards the VPN tunnel by specifying the 10.x.x.x address you found earlier under Monitoring -> Routing
I simply created a separate SSID here with its own VLAN and gave that its interface on the FG (DHCP etc.).
So when i connect to that SSID the traffic will be redirected towards the VPN tunnel.
We just use it for unlocking the Netflix region filter but the policy based route can of course be tuned to redirect anything you want.
Works like a charm!
If you would like more help on this just reach out.
Regards,
Cy.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Again, a fortigate can not act like a vpn client . If your referring to this link
https://nordvpn.com/tutorials/fortinet-fortigate/l2tp/
Even nord tells you this is NOT a vpn as in your traffic is not encrypted. This a L2TP client access which is not a VPN.
[link]https://forum.fortinet.com/tm.aspx?m=98720[/link]
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
Related Posts
- FortiGate 30E Slow connection via NAT 87 Views
- Migration of NAT/PAT rules from a... 85 Views
- 802.1x authentication for wifi users 161 Views
- Routing Issue on FortiGate 7.2.8 136 Views
- Dial-up IPsec tunnels with same source... 430 Views
Labels
-
FortiGate
6,442 -
FortiClient
1,284 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
410 -
5.6
362 -
FortiSwitch
330 -
FortiAP
326 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
148 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
85 -
FortiCloud Products
82 -
FortiToken
69 -
Customer Service
69 -
IPsec
64 -
4.0MR3
64 -
Wireless Controller
57 -
SSL-VPN
53 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
FortiConverter
21 -
High Availability
20 -
Firewall policy
20 -
VLAN
18 -
FortiPortal
17 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
ZTNA
15 -
FortiMonitor
14 -
Certificate
14 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
DNS
11 -
Interface
11 -
BGP
10 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
Logging
9 -
Traffic shaping
8 -
Virtual IP
8 -
RADIUS
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiAuthenticator
7 -
Admin
7 -
FortiGate v4.0 MR3
7 -
4.0
7 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSID
5 -
Security profile
5 -
Traffic shaping policy
5 -
Authentication
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
Static route
5 -
FortiManager v4.0
5 -
FortiDirector
4 -
SSL SSH inspection
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
packet capture
3 -
FortiToken Cloud
3 -
Automation
3 -
DoS policy
3 -
FortiTester
3 -
Port policy
3 -
FortiDB
3 -
IPS signature
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
Intrusion prevention
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
NAC policy
1 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
Zone
1 -
FortiManager-VM
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.