Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Lukas
New Contributor

SSL vpn through ipsec site-to-site

Hi!

I Have 2 locations connected by site-to-site ipsec VPN, both with different subnets.

I want to connect by ssl vpn to location 1 (this works great) and through this SSL vpn and ipsec VPN, I want to have access to location 2 (it does not work). Is there any posibilities to use one ssl VPN to 2 different locations connected by ipsec site-to-site?

 

Lukas

1 REPLY 1
Toshi_Esumi
SuperUser
SuperUser

It's nothing different from connecting two remote sites together via a HUB site over two IPSec tunnels. The keys are:

- SSL vpn can carry traffic to/from the loc#2 subnet if it's split-tunnel

- The IPSec VPN can carry traffic from/to SSL VPN client IP subnet (phase2 selectors if not 0/0<->0/0)

- Loc#2's FGT has a route for SSL VPN client IP subnet toward the IPsec tunnel.

- Both loc#1 and #2 FGTs have proper sets of policies to allow the traffic.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors