yeowkm99
Contributor

Site-to-Site VPN with AWS

We have a requirement to set up a site-to-site VPN with a vendor who is using AWS cloud.

They generate one config file based on our FortiOS version and send us the file.

We are supposed to follow the config and set up the tunnel.

Question: in the config file, they ask us to configure the WAN1 network interface and also enable BGP routing.

But WAN1 is currently my WAN interface with my public IP address.

How do I proceed from here?

 

Go to Network Tab --> Interface --> wan1 and edit vpn-0xxxxxxxx-0

vpn-0xxxxxxe0-0
a. IP : 169.254.xxx.xxx
b. Remote IP: 169.254.xxx.xxx/30
c. Select Ping
d. Administrative Status: Up
e. Select Ok.

akristof
Staff

Hello,

The wan1/WAN interface in your case is the interface that the IPsec tunnel is bound to. So if you have a WAN interface with a public IP, you can build it over this interface. The only requirement is that the IPsec traffic needs to arrive on this interface's public IP address.

Adrian
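
An added illustration of the reply above (not part of the original thread, and not the vendor's generated file): a FortiOS CLI sketch in which the tunnel is bound to wan1 while the 169.254.x.x addresses go on the tunnel interface, so wan1's own public IP is left unchanged. The tunnel name, addresses and pre-shared key are constructed placeholders; the real values come from the AWS-generated config file.

```fortios
# Constructed placeholders: vpn-example-0, 203.0.113.10, 169.254.10.x, <pre-shared-key>.
# Phase 1 binds the tunnel to wan1; wan1's own IP settings are not edited.
# Proposal, DH group and key lifetime are set as the generated file specifies.
config vpn ipsec phase1-interface
    edit "vpn-example-0"
        set interface "wan1"
        set remote-gw 203.0.113.10
        set psksecret <pre-shared-key>
    next
end

# The link-local /30 addresses belong to the tunnel interface created by phase 1,
# which appears under wan1 in the GUI interface list.
config system interface
    edit "vpn-example-0"
        set ip 169.254.10.2 255.255.255.255
        set remote-ip 169.254.10.1 255.255.255.252
        set allowaccess ping
    next
end
```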