Dominik Weglarz, IT System Engineer
PCNSE
NSE
StrongSwan
What happens if custAorB needs to speak to an external network that happens to use 192.168.1.0/24? (Did you ever think about that scenario?)

This is a common problem with VPN tunnels but - usually I don't build these networks. Most customers have their own IT, which made the decision many years before I arrived ;-)

4. There will be no traffic from WAN to LAN - no VIP.
VLinks works as point-to-point (like crossover patchcord + 2 interfaces of two routers) and that's it. That was my problem.

I like your analogy, and yes, that's how I see it also. I believe FortiGate has the means to declare the vlink-type; by default it's PPP, and ethernet is an option. I'm sure Ede will come along and correct me if I'm wrong.
Vdom link isn't the only way to create a link between two vdoms. A physical cable works too ;

True, you just waste ports if you have 2+ or more vdom connectivity links. Another option that's more economical:

1: 802.1q router on a stick (Cisco L3 routers like a 3560 or 2550 are cheap now)
2: you use 2 physical ports and build an 802.1q tagged interface between the 2, and one interface per vdom

These are alternatives to the pseudo vlink. As with anything, you have a host of PROs and CONs to look at in every scenario. Good luck.