Currently we have 4x 60E.
1 in our HQ office and then 3 for our remote/Satellite offices.
VPN for remote staff then talk to HQ.
We have 3 servers which are currently based in HQ at the moment, we are looking at moving them to cloudbased with firewalls so only connections from each office can access. This is incase HQ has network/power issues, the other offices can still operate.
The only issue I would like to address is can the users/groups be synced across more than one devices easily.
Then the VPN connection client if it can not connect to the first HQ, then connect to a secondary one ie so if vpn1.domain.com is down it tries to connect to vpn2.domain.com
Solved! Go to Solution.
So you want to have a fallback mechanism (4 levels) for Remote Client VPNs. I'm not sure if there is an automatic way to hop one to the next when it fails. But at least a user can change server to connect to manually when one fails.
Then an easiest (or the best) way to let client authentication shared between FGs is to have a remote authentication server; RADIUS/TACACS/LDAP, outside of FGs. So as long as reachability to the auth server is there from all FGs, the same user can get on any FG with the same credential.
So you want to have a fallback mechanism (4 levels) for Remote Client VPNs. I'm not sure if there is an automatic way to hop one to the next when it fails. But at least a user can change server to connect to manually when one fails.
Then an easiest (or the best) way to let client authentication shared between FGs is to have a remote authentication server; RADIUS/TACACS/LDAP, outside of FGs. So as long as reachability to the auth server is there from all FGs, the same user can get on any FG with the same credential.
Thank you Toshi
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1739 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.