Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Umesh
Contributor

Created on ‎11-07-2024 10:10 PM

Requirement of hub and spoke ipsec vpn in fortigate

Hi All,

 

We have Ho office and wants to connect multiple branches to head office.  I am new to configure hub and spoke ipsec vpn. could please help us my query. 

 

 

HO office  ------- multiple branch offices

 

I have gone through docs.fortinet.com document. but could understand in details.

 

Thanks

Labels:
443
0 Kudos
3 REPLIES 3
AEK
SuperUser
SuperUser

Created on ‎11-08-2024 03:49 AM

Hello

If you are not familiar with IPsec then it is better to use the wizard.

https://docs.fortinet.com/document/fortigate/7.2.10/administration-guide/853412

 

AEK
AEK
410
goninda1
New Contributor

Created on ‎11-08-2024 05:30 AM

You are going about this the completely wrong way. NAT the traffic on your spokes going to the hub. That way you can have all spoke tunnels up at the same time.

Although I guess you could create an SD-WAN zone for your IPsec interfaces and define that in your static routes, but again, this is the wrong way. Do it right and you will have a better result.

10.0.0.0.1 192.168.1.254
10.0.0.0.1 192.168.1.254
382
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.