Hi everyone,
We're in the process of switching over to a new ISP and they recently dropped their service in our data closet. I don't think the person who ordered the service realized it at the time but this is not a managed service, meaning they do not have a router at our location. Instead, they give a /30 that we must configure to use for the edge and a /27 that we can use for our external services. I had a Juniper SRX340 lying around so I put an IP from the /30 on the outside interface and an IP from the /27 on the inside interface along with a route to the next hop. I then put an IP address from the /27 on the WAN1 interface on my Fortinet 200D along with a route pointing to the inside IP on the Juniper I was connected to.
I would like to take the Juniper SRX out of the mix and just use my Fortigate 200D. What is the best way to go about this? I have tunnels and external resources using that /27 so I don't want to have to change any of that. I have two pictures attached that have our current and proposed setup. Thanks everyone in advance.
Thanks,
Pat
You don't need a second port for the 444. network in my opinion. Just move the one port from the Juniper to the FortiGate, and change the policies accordingly. I guess it could be kind of difficult depending on the services you are using for these addresses.