Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
lucas_h_
New Contributor

No LAN or WAN port visible

Hi,

I am currently experimenting with an aws ec2 image with preinstalled FortiGate VM64-AWSONDEMAND, in order to explore new vpn options for our company.

 

For the setup of SSL VPN Client, I have largely been following this how to guide: https://docs.fortinet.com/document/forticlient/5.2.0/cookbook/743322/ssl-vpn-using-forticlient-ios, which instructs me to use the network interfaces LAN and WAN at various stages. The problem I have encountered however, is that I only have one interface, which is called port1.

 

Are there any steps I could take to change this situation?

 

Best,

 

Lucas

5 REPLIES 5
Yurisk
SuperUser
SuperUser

After you spin up FGT instance with 1 interface (which is naturally WAN), you have to  create and then attach Elastic Network Interface to this FGT instance via AWS console. This will become port2 suitable for LAN. In addition you have to disable source check on both interfaces, also via AWS console, so the instance will do the routing between interfaces. The rest of configs is pretty much as any physical FGT.

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.
Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
lucas_h_

Hi Yuri,

 

thank you for the help!

Are there any step-by-step instructions for this process that you know of?

I am relatively new to both, aws and fortigate...

 

Best,

 

Lucas

Yurisk

There should be plenty I guess. This is the 1st search in Google I got, the config part starts at 12 mins, and you can ignore licensing part (for per hour instance lics are applied automatically) and ignore Fortimanager/Fortianalyzer connection of the FG afterwards: https://www.youtube.com/watch?v=lknEee93E94 

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.
Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
lucas_h_

Hello Again,

 

first of all thank you very much, this helped a great deal, as I now have a LAN, as well as a WAN port. However, I cannot connect to the vpn via FortiClient SSLVPN. and the link for the web mode shows a page not available status. Might this have to do with incorrect configuration of my ports?

 

The image attached shows what I see in my vpn-settings:

 

 

lucas_h_

Thanks, I'll give it a shot!

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors