Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ecoprotec
New Contributor

SSL-VPN with WAN Interface containing secondary ip addresses

Hello all,


we have a /28 subnet which is provided to us by our ISP. From this we can use 11 addresses.
I have created this network as a physical interface with the "secondary IP Address" option.
The first address as IP/Netmask in the interface and the others in the table below.

 

Network_Interface.png


But now I want to use VPN only on the first address. This blocks me now on all other addresses the port.

VPN.png

 

Or am I not following best practice for the WAN connection with multiple fixed IP addresses?

We are currently moving from an Sophos UTM to Fortinet and many things have been implemented differently here.

1 Solution
AEK
Honored Contributor II

Hello

You don't need to add all the IP directly to the interface.

Assign just one to your interface and your VPN will listen on that one only.

When you want to use the other IPs, you can use them as VIPs for example.

 

AEK

View solution in original post

AEK
1 REPLY 1
AEK
Honored Contributor II

Hello

You don't need to add all the IP directly to the interface.

Assign just one to your interface and your VPN will listen on that one only.

When you want to use the other IPs, you can use them as VIPs for example.

 

AEK
AEK
Labels
Top Kudoed Authors