Hello, I'm hoping that someone can help point me in the right direction (or provide a simple example) for what I need to do.
I am looking to do the following:
- Set up a Mesh VPN between 3 sites. Main site has 2 60D devices in HA and has a VPN tunnel to Azure. Other sites have only 1 60D. Single ISP in all sites.
- Need to limit traffic across VPN to some subnets only.
- Need to restrict some subnets to communication in one direction.
- Need to route traffic to Azure from other sites via Main site.
OCVPN not an option at this time.
Thanks in advance.
1: route-based
2: dynamic routing protocol
3: for controlling traffic, that's the job of the fw-policy-id; adjust the service, src/dst address and allow only that traffic
4: as far as routing all traffic back to main to get to Azure, ensure that the remote subnets at the sites with 1x 60D are included in the Azure vpn-setup
Ken Felix
PCNSE
NSE
StrongSwan
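
Point 3 above, as an added FortiOS CLI example that is not part of the original reply: on a route-based tunnel, a subnet pair is limited to one direction by creating a policy for only one interface order. The interface names (`internal`, `to-siteB`), the address object names and the subnets are constructed placeholders.

```fortios
config firewall address
    edit "EX-SiteA-Mgmt"
        set comment "Constructed example object, not from the thread"
        set subnet 10.1.10.0 255.255.255.0
    next
    edit "EX-SiteB-Servers"
        set comment "Constructed example object, not from the thread"
        set subnet 10.2.20.0 255.255.255.0
    next
end

config firewall policy
    edit 0
        set name "EX-A-mgmt-to-B-servers"
        set srcintf "internal"
        set dstintf "to-siteB"
        set srcaddr "EX-SiteA-Mgmt"
        set dstaddr "EX-SiteB-Servers"
        set action accept
        set schedule "always"
        set service "HTTPS" "SSH"
        set logtraffic all
        set comments "Example only: one-way access, no reverse policy defined"
    next
end
```

With no policy from `to-siteB` to `internal` for these objects, sessions initiated from the remote subnet fall through to the implicit deny, while return traffic for sessions allowed here passes statefully. Subnets that have no policy at all in either direction are not reachable across the tunnel, even if the routing protocol advertises them.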
Thank you for the reply.
I will take your suggestions.
By the way, do you have any opinion on whether I should use the wizard (with ADVPN) for the mesh setup, or should I do it manually?