Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
youmustbecrazy
New Contributor II

Connection to Fortimanager using DHCP WAN IP

Hi guys please help,

 

I have a task in my office to create SD-WAN connection via FortiManager. but I have confused to make connection from Fortigate Branch to FortiManager because the branch WAN is DHCP with private IP. the position of FortiManager is on server (behind NAT) and it has public IP by using NAT from Fortigate. 
Is there any KB or suggestion to establish connection between it to make Fortigate on branch can be managed by FMG and create SD-WAN connection? Please advice ....

 

topology:

                            |HQ Site|                                                                                                                                |Branch Site|

Fortimanager (Public IP NAT) --> coreswitch --> Fortigate (static WAN1) <--> internet/ISP1 <--> Fortigate (DHCP WAN 3) <-- Coreswitch

                                                                                                                |                              X                               |

                                                                                                                |                              X                               |

                                                                                     Fortigatee  (static WAN2) <--> internet/ISP2  <--> Fortigate (static WAN4)

 

 

*each fortigate have 2 WAN interface with diferrent IP and will implement redundant links for SD-WAN ,  WAN1_HO <--> WAN4_Branch ,  WAN1_HO <--> WAN4_Branch,, and vice versa

 

FortiGate FortiManager  #SDWAN #tunnel #ipsec

 

FortiGate FortiManager 

1 Solution
gfleming
Staff
Staff

Here's some documentation helpful to your case:

https://docs.fortinet.com/document/fortimanager/7.2.1/administration-guide/522489/configuring-the-ma...

 

Basically the FGT will know the FMG public NAT IP address and will initiate connection to the public IP address. Does not matter if FGT IP changes, it will update FMG anyway.

Cheers,
Graham

View solution in original post

1 REPLY 1
gfleming
Staff
Staff

Here's some documentation helpful to your case:

https://docs.fortinet.com/document/fortimanager/7.2.1/administration-guide/522489/configuring-the-ma...

 

Basically the FGT will know the FMG public NAT IP address and will initiate connection to the public IP address. Does not matter if FGT IP changes, it will update FMG anyway.

Cheers,
Graham
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors