i have IPSec VPN tunnel where al Phase 1 and 2 done and VPN tunnel is up.
i configure phase 2 IP with virtual IP and i mapped it to an internal IP, now tunnel is up and my internal server is able to reach remote site.
Now it come as business need, we need multiple servers to reach remote site and they are in different subnet. how to reconfigure this virtual IP to map to diffrent intenal IP in diffrent subnet.
@astuk
You have to create different virtual IPs, each of them mapping to different server.
All these virtual IPs need to be added to phase2 selectors of IPSec VPN on both ends.
I don't know your exact structure, but you may need to open VIP for each server.
Or you can use the IP range in the VIP definition.
For example :
172.16.16.1-172.16.16.254 in the "External IP address/range" field
192.168.2.1-192.168.2.254 in the "Map to IPv4 address/range" field
By using it, local servers can access the remote location by entering VPN and changing to their own nat ip.
This way, you will not have to define VIP separately for each server.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.