Fortigate IPsec Two Tunnels running con-currently

Abel · ‎05-16-2024

Dear Support,

Please kindly advise me here.

I have Fortigate firewall version 7.2.8 configured with FortiClient VPN to Onpremise network and all is working fine, but now I want to add a connection(IPsec tunnel) to Microsoft Azure in the Cloud, we are in the process of migrating to cloud. Is it possible to run a local connection to (Onpremise) and then another connection again into Microsoft Azure Cloud simultaneously without conflict and will that work properly?

And will I be able to connect two FortiClient VPN's one to Ompremise network and the other to Microsoft Azure Cloud network on my laptop?

I look forward to your response.

Thank you in advance.

Kind regards,
Abel

JGaiser · ‎05-17-2024

You don't have to disconnect to switch between networks. Just 1 network has SSLVPN and you access the 2nd network through IPSEC and SSLVPN Portal settings. (and firewall rules).

View solution in original post

JGaiser · ‎05-16-2024

Do IP Sec from your premise network to the cloud.

SSL VPN to premise network and configure SSLVPN portal to allow SSLVPN clients to access cloud resources.

hbac · ‎05-16-2024

Hi @Abel,

So you want to connect to 2 IPsec VPN at the same time from FortiClient? It is not possible. You can only connect to 1 VPN at a time.

Regards,

JGaiser · ‎05-16-2024

You provided an incorrect answer.

With SSLVPN portals, you can use an SSLVPN connection from a central location to access resources on the other end of as many IPSEC tunnels as you want.

Abel · ‎05-17-2024

Hi JGaiser,

Thank you, so is it possible that I can configure the Fortigate to Azure Cloud while my employees are using SSLVPN connected to the On-premise network without interrupting them?

JGaiser · ‎05-17-2024

Yes.

If you already have SSLVPN setup to one of the locations, all you need to do is configure the IPSEC tunnel between the locations and configure an SSLVPN portal on the site with the existing SSLVPN connection. The portal will grant access to the resources through the IPSEC tunnel. You will have to add the users to the new portal and map the access in SSLVPN settings menu.

Abel · ‎05-17-2024

Hi JGaiser,

Thank you very much, I just wanted confirmation before I start with the project.

Kind regards,
Abel

Abel · ‎05-17-2024

Not necessarily want two VPNs to work at the same time but I want to use lets say SSLVPN to connect to the Onpremise once I am done with what I am doing I can disconnect then connect to Azure cloud. So I want to know if this is possible and the Fortigate is able to do this? When I configure Fortigate to the cloud network I don't want it to interfere with the connection to the onpremise network because employees are working.

Kind regards,

Abel

JGaiser · ‎05-17-2024

You don't have to disconnect to switch between networks. Just 1 network has SSLVPN and you access the 2nd network through IPSEC and SSLVPN Portal settings. (and firewall rules).

Fortigate IPsec Two Tunnels running con-currently

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website