We have a requirement to setup a site-to-site VPN with a vendor who is using AWS cloud.
they generate one config file based on our FortiOS version and send us the file.
We are supposed to follow the config and setup the tunnel.
Questions, in the config file they ask us to configure WAN1 network interface and also enable BGP routing.
But WAN1 is current my WAN interface with my public ip address
How do i proceed from here ?
Go to Network Tab --> Interface -->
wan1 and edit vpn-0xxxxxxxx-0
vpn-0xxxxxxe0-0
a. IP : 169.254.xxx.xxx
b. Remote IP: 169.254.xxx.xxx/30
c. Select Ping
d. Administrative Status: Up
e. Select Ok.
Hello,
Wan1/wan interface in your case is the interface that IPSec tunnel is bounded to. So if you have wan interface with public IP, you can build it over this interface. Only requirement is that the ipsec traffic needs to come on this interface's public IP address.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.