Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
yuto
New Contributor

IPSec VPN between Velocloud and FortiGate

Has anyone been able to make a VPN work between Velocloud Gateway and a FortiGate?

We are trying to connect to a business that had Velocloud and all their sites are connected to it. If we are able to create an IPSec VPN between their gateway and our FortiGate, we will need only 1 VPN for all sites

Problem is that the gateway uses multiple WAN IPs as I was told and the FortiGate can only accommodate 1 per VPN. Also, they seem to alternate between IPs so not sure how trafic control would work. The other company does not want to put that many hours on this setup so anything too complicated will not work.

I tried putting the VPN on the FGT in dynamic mode but static routes cannot be directed to the sub VPN that is created (not sure about the name). The VPN comes up but nothing else works.

We have the option (backup plan) to create 1 VPN per site to our FGT which is a more traditionnal way of doing it.

The Velocloud is very limited from what I saw on the shared screen.DHgroup 14 max and Phase 1 and 2 need to have same settings from what I saw.

https://9apps.ooo/
1 REPLY 1
gfleming
Staff
Staff

Can you post a topology?

 

If the Velocloud initiates to the FortiGate you don't need to worry about multiple WAN IPs on the VC side. There are ways of adding the routes for remote networks... 

 

But let's start with your topology so we can get a very clear idea of your end goals here.

Cheers,
Graham
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors