Questions about connecting a 30E in a remote office to a 200D at HQ.
I have a new user that is leasing an office from a larger firm at a remote location. She connects to the internet via their network. (DHCP internal address to a NAT Device with a static public IP.) We would like to give her a Fortigate 30E so that she can be direct connected (laptop, printer, voip phone.) to our systems in the HQ office.
On the HQ side, we have a 200D with a static public IP and multiple internal VLANs (Servers, Workstations, Phones)
I’ve been looking through the documentation and help for site to site IPSEC info. It seems like the dial-up IPSEC site to site option is the only thing that will work in this scenario. And it’s not ideal because the user in that office would need to initiate the connection. This person is not a techie and I’m not sure exactly how they’d be able to do it. Especially if there are issues with the tunnel dropping at any point in the future.
I’ve also looked at the Fortiddns configuration with the “use public IP address” option. Would this be possible on the branch side based on the configuration she’s in? Or is this really only for a Fortigate connected to a cable modem that has a dynamic public IP address?
Would appreciate some advice on how to best get this user connected to us. My main hope is to be able to ship the device to her and have them plug it in at her office and be able to bring the tunnel up and manage it from HQ. Thanks!
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.