We are switching from Sonicwall to Fortinet. We will have a 200f at our main location and 70f at each remote location connected with a site to site VPN. Initially we will setup the remote Sonicwalls to connect to the 200f with a site to site VPN. I have this tested and seems to be working fine. We will then replace each remote Sonicwall the the 70fs. My problem is this: we have 3 WAN connections on the 200f - I want 1 dedicated for the VPN connections only and 2 as outbound internet. How do I setup the fortinet to dedicate the 1 WAN only for VPN connections? If is setup the static routes if the VPN WAN connection is not the highest priority the VPNs won't connect as the Sonicwalls see a different IP when connecting. Does that make sense? Also when the VPN WAN connection is the highest all internet traffic routes through this connection. Hopefully this makes sense what I am trying to accomplish.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi krick,
depends on how you want to connect. Guessing it is an IPSec tunnel (there is SSLVPN s2s tunnels too), you could set a static route not as default route but for the IP of the 70F only to go out on wan1 (for example), like 1.2.3.4/32 or whatever subnet the other 70Fs have.
Hope that makes sense.
Best regards,
Markus
Hi @krick,
You can give static routes of all WAN interfaces the same administrative distance but give the WAN dedicated to VPN lower priority. That way, normal traffic will be routed to the WAN interfaces with higher priority. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Note-Routing-behavior-depending-on-distance-an...
Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1731 | |
1098 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.