How to establish IPSec between fortigate and PFsense

secsupport · ‎02-11-2022

The remote office has Pfsence which is behind the router and has no public ip(wan interface) it's on local subnet of the router, FortiGate is direct with wan interface stati

so how we can have IPSec in this scenario

kindly explain

kcheng · ‎02-12-2022

Hi,

You will probably need a port forwarding from the router at the remote side to perform NAT from the public IP to the Pfsense behind that router. It would not be possible to form IPSec tunnel if FortiGate does not have route and connectivity towards the remote device. The remote gateway is required to be reachable from FortiGate before IPSec tunnel can be formed.

Cheers,
Kayzie Cheng

If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

kcheng · ‎02-12-2022

Hi,

You will probably need a port forwarding from the router at the remote side to perform NAT from the public IP to the Pfsense behind that router. It would not be possible to form IPSec tunnel if FortiGate does not have route and connectivity towards the remote device. The remote gateway is required to be reachable from FortiGate before IPSec tunnel can be formed.

Cheers,
Kayzie Cheng

If you have found a solution, please like and accept it to make it easily accessible for others.

secsupport · ‎09-19-2022

Dear @kcheng I did it successfully but just select the LAN port on pfsense side like we select the WAN interface normally but in this case was different (server-client scenario)

How to establish IPSec between fortigate and PFsense

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website