- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Policy based tunnels in Fortigate
Hi,
I'm new with Fortigate and migrating from ASA world. I'm a little surprised that the fairly basic configuration causes difficulties even for vendor.
The question is: Does version 7.x support setup where traffic should travel from policy-based tunnel to policy-based tunnel and where the NAT should be used for source address. If so, is there any document to follow so that the implementation would be done correctly? Already found some articles but still wondering do I need VPN Concentrator config to enable traffic flow between tunnels?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Finally this was solved out. The main problem was conceptual. In Forti world you have to use route based type of setup instead of policy based even the another peer of tunnel is using policy based type of configuration. Overall this all was terminologically very confusing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Hartza ,
VPN concentrator give you the option to create a hub and spoke VPN, used mainly in some distributed topologies, where you need to centralize resources and access them by a secure connection. And regarding the NAT as long as you are allowing that particular source addresses on other end of the policy-based tunnel. You don't need it
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Finally this was solved out. The main problem was conceptual. In Forti world you have to use route based type of setup instead of policy based even the another peer of tunnel is using policy based type of configuration. Overall this all was terminologically very confusing.