Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Layer 2 Device Hosting a VPN to provide Remote Fortigate

Hello There,


I have a use case whereby we dont have access to the layer 3 device to provision an IPSec connection. Furthermore, the network is managed by a third party, so we cant migrate the LAN to a new Router/Firewall.


This means our only option to gain access to the client devices on the network is via VPN software/hardware tool which is installed as a layer 2 device. This could be Rasberry Pi, Windows Server, Windows 10, Linux etc.




The only Layer 2 Device solution im aware of is the Windows Routing and Remote Access (RRAS)


However, I dont beleive the FortiGate can connect to a SSTP VPN?


Any clever solutions welcome :)


Thank you in advance.





you will likely need to know first how either of the two endpoints can contact each other.

Otherwise accessing a stranger network would be rather inseucre.


If you cannot manage the firewall in between you likely cannot do a port forward to the raspi.

You could however use strongswan/libreswan for example to connect to the known IP address of the FGT with a dialup VPN. So connect from inside the network to the firewall.




Best regards,



Top Kudoed Authors