I have a head office and a remote branch with each connected via MPLS Link and each site with a separate dedicated internet connection. Both site with fortigate I want to use the mpls link as the primary and the site to site vpn as backup. If my mpls link goes down then it should failover automatically to the vpn tunnel and when the mpls link back to normal then it should revert back again to the primary mpls link.
Can someone tell me how to configure it.
Thanks
Are the MPLS line terminated at the remote/head-end via fortigates today? Do you share or pick up routes via the MPLS provider via a dynamic routing protocol ( ospf/bgp ) ?
A simple site-2-site vpn would be ideal, and with the metric added to make the routes less preferred is the way to provide quick convergence.
PCNSE
NSE
StrongSwan
Hello,
Thank you for your reply, The MPLS router connected via fortinet
So how do you learn routes via the MPLS provider ? static ? or Dynamic ( ospf, bgp,rip,etc....)?
PCNSE
NSE
StrongSwan
static route
Hi, I'm just wondering if you can use Dead Gateway Detection as well with this scenario... seeing that your MPLS routes are static and the MPLS link would be the primary.
Thanks,
jb
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.