Wondering if it possible to setup a remote user and/or site-to-site VPN on a virtual IP residing on my WAN. When I create a VIP on my wan it wants a mapped ip address/range and does not give me the option to create a range. Wondering if there is a documented example of this already that I am missing or if anyone has any guidance.
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hmmm, don't know if I understand you correctly.
A VIP would exchange the destination address of incoming traffic to that of an (internal) host. Whereas VPN traffic is directed to the FGT itself.
So, yes, you can set up a VIP to direct VPN traffic (with NAT-T only: udp/500 and udp/4500) to some internal VPN gateway - but not to the border FGT itself. For example, if you install a second FGT as VPN gateway on your DMZ port, that would work.
But it eludes me why you would want to do so...
Basically I want to setup a VPN for my users to use but to have that be a different global IP for example my public ip is XX.XX.52.170 and I want to VPN address to be XX.XX.52.172 another IP in my range, so then I can setup a domain vpn.(businessname).com to use as our vpn versus having users have to use our main IP address. So I was hoping I could set something like that up using a vip but I was not sure how to setup a vpn on a virtual wan IP
In the newer versions of FortiOS, you can select the main gateway IP for a VPN termination point or use another IP in that subnet. When you are creating the interface based VPN, check out all the options.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Instead of using a VIP you can configure a secondary IP on the WAN interface. You then specify it in the "local GW addr" in phase1 (CLI). This does work.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1468 | |
1006 | |
748 | |
443 | |
206 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.