Hello,
I need to connect a #Fortigate with FortiOS 7.4.6 and SDWAN by FortiClient VPN (IPSEC
Is there a way to achieve this goal?
This article is about Site to Site scenario, but about client to SDWAN?
Configure IPsec VPN with SD-WAN - Fortinet Community
Thank you
Hi Andrea
These two articles should help.
SD-WAN will not change anything to the IPsec configuration. In IPsec config you have to select the physical interface, not the SD-WAN interface. So if you need to use both WAN interfaces then you will have to create two IPsec tunnels on your FG (one on each interface).
Hello AEK,
thank you for your reply, but really it doesn't seem that simple.
The classic configuration do not work with SDWAN.
Which article are you referring to? and what exactly do you mean by "connect SDWAN by FortiClient VPN"?
Greetings,
You can connect a FortiGate with FortiOS 7.4.6 using FortiClient VPN (IPsec) and integrate it with SD-WAN.
Create the dialup tunnel, then add the IPsec Interface to the SD-WAN.
Note: Please make sure that no policy with an IPsec tunnel is created; otherwise, adding an IPsec interface as a member in SD-WAN will not be allowed.
Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.
Hello,
the interface (WAN2) is part of SDWAN zone.
So, we don't need any policies related to the tunnel associated with WAN2 and the SD-WAN zone?
At least in FOS 7.2. there is some bug with ipsec dial up and sdwan. Sdwan cannot correctly detect wether a dialup is up or not and in interface mode the interface itself is always up. This leads to sdwan not taking down unusable routes which causes routing trouble then.
I don't know if that has been fixed in 7.4.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.