Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
yeowkm99
Contributor

Created on ‎07-04-2022 02:50 AM

Site-to-Site VPN with AWS

We have a requirement to setup a site-to-site VPN with a vendor who is using AWS cloud.

they generate one config file based on our FortiOS version and send us the file.

We are supposed to follow the config and setup the tunnel.

Questions, in the config file they ask us to configure WAN1 network interface and also enable BGP routing.

But WAN1 is current my WAN interface with my public ip address

How do i proceed from here ?

 

Go to Network Tab --> Interface -->

wan1 and edit vpn-0xxxxxxxx-0

vpn-0xxxxxxe0-0
a. IP : 169.254.xxx.xxx
b. Remote IP: 169.254.xxx.xxx/30
c. Select Ping
d. Administrative Status: Up
e. Select Ok.

Labels:
688
0 Kudos
1 REPLY 1
akristof
Staff
Staff

Created on ‎07-05-2022 12:16 AM

Hello,

Wan1/wan interface in your case is the interface that IPSec tunnel is bounded to. So if you have wan interface with public IP, you can build it over this interface. Only requirement is that the ipsec traffic needs to come on this interface's public IP address.

Adrian
673
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.