We have two VPCs in AWS [Security and Production VPCs]. We have deployed FortiGate in the Security VPC. In the design phase we considered the FortiGate to work as a NAT instance for all our private subnets, including the one in the Production VPC.
From the FortiOS - AWS Administration Guide, section "Security inspection with Gateway Load Balancer integration", part "North-south security inspection to customer VPC", I have understood this can be accomplished by using a Gateway Load Balancer. [https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/e129c4eb-867b-11eb-9995-005056...]
My questions are:
1- We have one FortiGate. Do we need to deploy a Gateway Load Balancer? If there is no need for the Load Balancer, then how?
2- If I have established a site-to-site VPN between the FortiGate and third parties, and one of the Production private EC2 instances needs to reach it, I can do this as well, right?