I have a brain-damaging situation ;) and maybe someone out there has a good idea.
We have a Master/Slave Fortigate setup.
On each Fortigate, we have 2 uplinks, which may contain the uplink because of redundant BGP setup behind.
I now have the problem:
- Do I assign Port 1 for the first BGP uplink to the SSL gateway, it would not work, if Port 1 is down and Port 2 is up
- Same here, assigned Port 2, is the same, as with Port 1
- I would need to assign an ip-address on both ports. So I could enable both ports for the SSL VPN gateway. VRRP would not work, because both are active and up because the routers behind are, too
We need it, that are staff can login to the VPN, not using different hosts / IP
please, no DNS Stuff with refresh/TTL, this is not the kind we use to fix the problem ;)
Any help would be nice
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
How about putting both IPs in the FortiClient settings like below? The user doesn't have to know which is up.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.