Hi FGT Gurus,
I have a site-to-site VPN between the AZ FGT and the on-prem FGT. The AZ FGT is in the same VNet as the VMs in Azure. I have no problem using Bastion to communicate with any VM in the same VNet. All the AZ VMs have no problem communicating with on-prem VMs via the VPN tunnel. For example, I use Bastion to log in to an AZ VM, then RDP to an on-prem VM. If I need to use Bastion to connect to any on-prem VMs directly, how do I route Bastion to certain subnets that are hosted on-prem? According to MS, I cannot route Bastion in a UDR. Thank you.
Hello polarpanda,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello,
We are still looking for an answer to your question.
We will come back to you ASAP.
Thanks,
Hi @polarpanda,
I believe you need to configure IP-based connection on Azure for Bastion to work over Site to Site VPN. Please refer to https://learn.microsoft.com/en-us/azure/bastion/connect-ip-address
Regards,
Hi hbac,
I do have IP-based connection configured. I also tested the feature: I used Bastion to connect to a VDI by the VDI's IP address in the same VNet.