Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Holy
Contributor

Creating new IPsec S2S Tunnels with FortiManager

Hello everybody,

 

i am keeping on testing FortiManager :=)

 

Now i have problems creating just normal S2S IPsec Tunnels from Manager. 

 

I can Create Phase 1 + Phase 2 and push it to Fortigate no Problem, But then when i want to create the Policies for that new IPsec VPN Interface Lets call it VPN-Example. This interface, that should be created automaticly after you assign the P1 + P2 is just isnt there!

 

you cant find such an interface in FortiManager...  if i log on locally on the Fortigate that i pushed the new IPsec VPN config, i see that interface and can also create new policies with this interface.

 

so then i tried to reinport the Policy from Fortigate, then the new interface is there and you can build the Policies on the FortiManager.

 

So i have to re-inport Policies everytime i create a new S2S - IPsec ???

 

 

NSE 8 

NSE 1 - 7

 

1 Solution
Pradhumna_FTNT

Hi,

 

Based on your post, i understand that you are trying to configure Site to Site VPN from the fortimanager.

 

We will have to use Dynamic objects to map the Ipsec Interface.

 

After creating the VPN tunnel on the fortimanager

 

Under Policy and Objects

Create a New interface Template in the Zone section in the Policy and Objects

Then In the device manager go to  Zone and interface section,you will be able to see the Interface template,edit the template and select the VPN interface

 

Now you can use this interface template in the firewall policy and install the same on the firewall.

 

Regards,

Pradhumna chandra

 

 

 

View solution in original post

2 REPLIES 2
Pradhumna_FTNT

Hi,

 

Based on your post, i understand that you are trying to configure Site to Site VPN from the fortimanager.

 

We will have to use Dynamic objects to map the Ipsec Interface.

 

After creating the VPN tunnel on the fortimanager

 

Under Policy and Objects

Create a New interface Template in the Zone section in the Policy and Objects

Then In the device manager go to  Zone and interface section,you will be able to see the Interface template,edit the template and select the VPN interface

 

Now you can use this interface template in the firewall policy and install the same on the firewall.

 

Regards,

Pradhumna chandra

 

 

 

Holy

Hello,

 

thank you very much. i didn´t know that

 

Pradhumna_FTNT wrote:

Hi,

 

Based on your post, i understand that you are trying to configure Site to Site VPN from the fortimanager.

 

We will have to use Dynamic objects to map the Ipsec Interface.

 

After creating the VPN tunnel on the fortimanager

 

Under Policy and Objects

Create a New interface Template in the Zone section in the Policy and Objects

Then In the device manager go to  Zone and interface section,you will be able to see the Interface template,edit the template and select the VPN interface

 

Now you can use this interface template in the firewall policy and install the same on the firewall.

 

Regards,

Pradhumna chandra

 

 

 

NSE 8 

NSE 1 - 7