Sorry, folks, for this question here, but I am very new to this kind of problem and to configuring a FortiGate firewall (new boss).
My task is to realize a site-to-site IPsec VPN connection like this:
The VPN connection should be established between ThirdParty initiator and Bintec R1202.
The Bintec is in the TRUSTED segment. Both are now connected by an HP Aruba switch in the TRUSTED segment.
The problem is that in the old network configuration, the Bintec R1202 was directly behind the FritzBox router, static routeing on FritzBox
Does anybody have any idea or helping hand solving this problem? I really would be lucky to solve this.
AFAI can see, your problem is that the external cannot see the private IP of the Bintec router.
If you can obtain a public IP address which is not part of the router's WAN addresses you could route that through. If not, the router needs to terminate the VPN.
The FGT doesn't have a role to play with this.
One workaround would be to let the Bintec open the tunnel (farside: 'dial-in' VPN). This way, it would use your WAN IP through NAT but all inside routers would know how to handle the traffic.
Sigh, or just get rid of the Bintec, I've dealt with them before...do yourself a favor. And let the gateway router (either the router or the FGT) terminate VPNs.