Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Secucard
New Contributor III

SSL VPN for 2 possible incoming Ports: Setup an static IP-address

Hi,

I have a brain-damaging situation ;) and maybe someone out there has a good idea.

We have a Master/Slave Fortigate setup. 

On each Fortigate, we have 2 uplinks, which may contain the uplink because of redundant BGP setup behind.

I now have the problem:

- Do I assign Port 1 for the first BGP uplink to the SSL gateway, it would not work, if Port 1 is down and Port 2 is up

- Same here, assigned Port 2, is the same, as with Port 1

- I would need to assign an ip-address on both ports. So I could enable both ports for the SSL VPN gateway. VRRP would not work, because both are active and up because the routers behind are, too

We need it, that are staff can login to the VPN, not using different hosts / IP

please, no DNS Stuff with refresh/TTL, this is not the kind we use to fix the problem ;)

Any help would be nice

Thanks

Ronny

 

1 Solution
Secucard
New Contributor III

A simple loopback-Interface did the trick ;)

View solution in original post

3 REPLIES 3
Anthony_E
Community Manager
Community Manager

Hello Secucard,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
Toshi_Esumi
SuperUser
SuperUser

How about putting both IPs in the FortiClient settings like below? The user doesn't have to know which is up.

https://community.fortinet.com/t5/FortiClient/Technical-Tip-Multiple-gateway-IP-for-FortiClient/ta-p...

Toshi

Secucard
New Contributor III

A simple loopback-Interface did the trick ;)

Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors