Anyone know if it is possible to have the FortiGate connect to multiple BGP ASes?
If so, does this have to be done by creating additional VDOMs?
What I want to do is configure IPsec VPNs to two separate AWS environments via BGP.
Cheers
Your requirement seems quite simple.
If your ISP1 fails, traffic should route towards ISP2, while having IPsec tunnels ending/created on both links and preferring the ISP1-IPsec tunnel for the remote site. If ISP1 fails, traffic should exit towards the internet on ISP2 and use ISP2-IPsec for the remote site.
One thing you can do is configure a link-monitor, https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/360563/dual-internet-connect...
Another thing you can do is to configure an SD-WAN zone for underlay (Internet traffic / ISP interfaces) and overlay for IPsec tunnels (IPsec interfaces, one for each WAN link).
You understand my requirement correctly, but a small correction: my internet traffic has to go through ISP1 and, in case of failure, automatically fail over to ISP2. Two IPsec tunnels are configured using ISP1 and ISP2, and my intranet traffic has to go specifically through the ISP2 tunnel. How can I achieve this using BGP? Please help me.
Regards
Vishnu (Network_Team is my official id)