Hi.
I was wondering how to solve the following issue:
Right now, I have several customers connected via ipsec individually, each one with a different virtual IP to several servers inside my network.
What I want is to transform that into a single load balancer for all of them, BUT, without changing the IP on the client side. In that why I do not have to modify any phase02 on the tunnels, I want it to be as transparent as possible for the clients with a somewhat minimal disruption.
I was wondering if that is possible with a single FW?, and if (please) anyone could give me a pointer for that.
So far, what I was thinking was to create a LB for each client, but, I mean, it doesn´t feel optimal.
Instead, a single LB for all the customers would be more effective.
My issue is that I do not see a way to do it, like, pointing all current VIP to a single LB IP, but all inside the FW.
So far, I do not see it without the need of another FW, and without messing up the client side of things.
Any ideas?
Solved! Go to Solution.
You're correct. As long as all those tunnels point to individual VIPs, then you will need all of the VIPs.
And to use a single VIP will require the clients to point to that one single IP.
You're correct. As long as all those tunnels point to individual VIPs, then you will need all of the VIPs.
And to use a single VIP will require the clients to point to that one single IP.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.