- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ipsec vpn from lan interface
Hello, I have two fortigate routers on two sites. Between the sites I have an antenna connection. I would like to create an ipsec vpn, but instead of using internet and wan interfaces, I would like to create the ipsec using the internal interface and create it inside this antenna connection. Is this possible? if yes, how can I achieve it?
Thanks.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your problem is standard and solvable but you don't want to create the tunnel on a LAN interface. Use a private WAN interface (create them if needed) on each FG and assign point-to-point addresses. You can use any standard LAN IP scheme that you are not using in your LAN. Make the network very small. Like /30 (255.255.255.252). Make sure they can ping each other then setup the IP tunnel over that private WAN.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your problem is standard and solvable but you don't want to create the tunnel on a LAN interface. Use a private WAN interface (create them if needed) on each FG and assign point-to-point addresses. You can use any standard LAN IP scheme that you are not using in your LAN. Make the network very small. Like /30 (255.255.255.252). Make sure they can ping each other then setup the IP tunnel over that private WAN.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Duncan, can thank you enough. You save me. Works like a charm.
Thank you very much.
