Using VPN to access resource on another firewall
Hi,
I have a Fortigate 200D firewall; it connects to the internet.
It also connects to a Juniper SSG 140 firewall.
The SSG 140 firewall does not connect to the internet; it is used for internal network control.
Basic Topology :
Internet <--->200D<---> SSG 140<--->Server A
SSL VPN IP Pool : 192.168.1.0/24
200D : 192.168.10.1/28
SSG 140 : 192.168.10.2/28
Server A : 172.16.100.20/24
I want to use the 200D SSL VPN to access Server A (for example, RDP).
Is it possible to do it?
Any recommendations for the configuration of both firewalls?
Or any examples for this situation?
Thanks
John
Surely it's possible.
1. SSL VPN to the Fortigate from Internet and enable access to the 192.168 network from ssl.root
2. Whichever is your preference:
2.a. NAT on the SSG to translate 192.168.x to 172.16.100.20/24 and create allow policy on the same.
2.b. route 172.16.x.x to 192.168.10.2 and leave it to the SSG to route between the 2 subnets. Again create the allow policy too on the SSG.
Voilà, you're done.
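One way the FortiGate side of steps 1 and 2.b could look, as an added example that is not from the original posts. The interface name `port2`, the object names and the user group `sslvpn-users` are assumptions, and exact syntax varies by FortiOS version.

```fortios
# Address objects (names are assumptions, subnets are from the question)
config firewall address
    edit "SSLVPN_POOL"
        set subnet 192.168.1.0 255.255.255.0
    next
    edit "SERVER_A"
        set subnet 172.16.100.20 255.255.255.255
    next
end

# Step 2.b: send the server subnet to the SSG 140 (192.168.10.2).
# "port2" is an assumed name for the 200D interface holding 192.168.10.1/28.
config router static
    edit 0
        set dst 172.16.100.0 255.255.255.0
        set gateway 192.168.10.2
        set device "port2"
    next
end

# Step 1: allow SSL VPN users from ssl.root toward the SSG-facing interface.
# Scoped to Server A and RDP only, rather than the whole internal range.
config firewall policy
    edit 0
        set srcintf "ssl.root"
        set dstintf "port2"
        set srcaddr "SSLVPN_POOL"
        set dstaddr "SERVER_A"
        set groups "sslvpn-users"
        set action accept
        set schedule "always"
        set service "RDP"
    next
end
```

With option 2.b the SSG 140 also needs a route for 192.168.1.0/24 back to 192.168.10.1 (or source NAT enabled on the FortiGate policy) so that replies can return. The static route is bound to the internal interface rather than to the SSL VPN tunnel, so it does not depend on whether a VPN session is up.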
Thank you for your reply.
I still have a question about the routing.
I can add a static route 172.16.x.x to 192.168.10.2, but does it need to route to the tunnel?
Is it possible to create this route when the VPN is created, and if the VPN disconnects, is this route invalid?
Thanks again
