Need to understand if the FG-70F in my hand can be able to support two IPSEC VPN via WAN interfaces connected to two different ISP in active active mode (with load balancing).
This is branch and at central side we have other FG with different model but same motive.
Please let me know how is it possible to implement this.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
Are you able to provide more information. Like a topology, are these members part of SDWAN zone.
Please check the following article for redundant :
You can definitely check by unsetting monitor main_VPN in the documentation
set monitor main_vpn
Regards,
ajoy
Hi Ajoy,
In our case the two sites are geo separated (different country) for example HQ1 in India and HQ-2 in USA is this solution feasible?
If you want simply load-balance between two paths and don't want to manipulate much, I would recommend IPsec Aggregate below:
https://docs.fortinet.com/document/fortigate/7.2.9/administration-guide/779544/packet-distribution-a...
Toshi
Hi Toshi,
LB with different internet link (different BW) will work in this case?
if yes then its good for me
It doesn't matter what kind of internet circuits those are as long as each has reachability to the other end.
Toshi
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.