Hello All
Kindly i tried to configure SSL Site to Site between two firewall but unfortunatelly the guide cant help me especially on certificate point
I created PKI user with its certificate but face issue in Server Certificate and Client certificate So appreciated any one an sent me a guide to proceed this point step by step or advice me how can do this configuration
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
You probably mean IPsec VPN? There is this document on how to configure the Site-to-site VPN with digital certificate:
Hope it helps.
Best regards,
Lazar
Are you actually intending to create an SSL VPN site-to-site tunnel? Can you not use IPSec? It will be easier...
If you need SSL-VPN follow these docs: https://docs.fortinet.com/document/fortigate/7.0.0/new-features/508779/fortigate-as-ssl-vpn-client
For Certificates you need a CA cert (can be your existing AD PKI or create a basic one using OpenSSL or something) and then sign some certs for the users and import those.
Thanks for your reply
Actually i followed SSL-VPN follow these docs and i create certificate from fortiAuthenticator but i need to know which certificate should be choose on Server certificate and on client certificate
Hi,
If you created the certificate from FortiAuthneticator as server certificate then you will need to select that one. You will also need to upload CA certificate from FortiAuthneticator to both FortiGates then. From the client side you will choose that FortiAuthenticator CA in PKI user in CA filed.
Best regards,
Lazar
Hi
Thanks for your reply
When i upload the certificate to both devices ,I can see the certificate on PKI user but when i go to choose Server certificate on device i didn't find the certificate which created on Forti-Authenticator and only see 'Fortinet_Factory' or 'Fortinet_Factory_Backup' and this is the issue why i didn't see the certificate created on this tab,i only see the created certificate on PKI user tab
Appreciate your support
Hello
If you have any video for this configuration ,i will be appreciated if you share with me
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1647 | |
1070 | |
751 | |
443 | |
213 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.