Hi everyone,
I should configure IPSec VPN Tunnels between two fortigates, so that they use the two WANs configured on them.
Each firewall has two WANs; one main and one secondary
Is there a procedure for the VPN tunnels between the two firewalls to activate if the WANs are down?
Thanks,
Andrea
Hi @Hiteco-Srl,
You can configure two IPsec tunnels in an SDWAN zone. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configure-IPsec-VPN-with-SD-WAN/ta-p/20984...
Regards,
Hi Andrea,
You can create an both IPSec, and once you have them you can configure 2 static routes with different administrative distance (example 10 in the first tunnel, and 15 in the second tunnel), the traffic will flow through the first tunnel unless the first tunnel is down, then it will flow through the second tunnel. A recommendation to make less firewall policies is to create a Zone and add both VPNs to that zone so you manage only one firewall policy for incoming and one policy for outgoing traffic, instead of 2 policies per tunnel
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.