Hello,
We are attempting to establish a site-to-site VPN between two FortiGate devices located in Egypt and Kuwait. However, VPN traffic appears to be blocked on the Egypt side, preventing a successful tunnel from being established.
Could you please advise if there is a recommended workaround for this scenario?
We are also exploring the possibility of connecting each FortiGate device to a cloud-based service from their respective countries, and then enabling secure communication between them via that route.
We would appreciate your guidance on feasible solutions or alternative configurations.
Thank you in advance for your support.
https://docs.fortinet.com/document/fortigate/7.0.0/new-features/508779/fortigate-as-ssl-vpn-client
You can try to build a site-to-site SSL VPN instead, where the FortiGate is the SSL VPN client. Keep in mind that SSL VPN has been deprecated on FortiOS 7.6.3. You can start off by deploying this on FortiOS 7.2.11 or 7.4.7 or 7.4.8.
Thanks for sharing the SSL VPN site-to-site setup link. Just to add — the ISP in Egypt doesn't provide a dedicated public IP. Will this setup still work in that case? Are there any alternatives you’d recommend?
Thanks again.
You can look at using FortiDDNS or DDNS configuration in general so that your dynamic public IP can be linked to an FQDN: https://docs.fortinet.com/document/fortigate/7.6.3/administration-guide/685361/ddns
NAT-T may help in some cases: IPSec VPN NAT-traversal - Fortinet Community
Please check whether ports 500 and 4500 are blocked by the ISP.