Hello,
I have set up ADVPN for two BO's and now I need to add additional VLAN to BO. What would be a procedure to do that?
1. Create VLAN on lan interface at BO
2. Add Address for that VLAN on BO FG
3. 4. ...?
Do I need to create the same VLAN on the HQ lan interface?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
If you want to add a new VLAN/subnet to one of your Branch Firewalls (ADVPN setup) and connect to other branches, the process is quite similar to adding a new subnet in a conventional site-to-site VPN setup.
Branch & HUB Firewall modification required:
1. Set up a VLAN interface and assign an IP address with the specified subnet mark.
2. Include this subnet in the Phase 2 selectors of the VPN tunnel that is being established between the relevant Branch and HUB firewall.
3. Include this subnet in the appropriate IPv4 policy.
4. Steps 2 and 3 must also be completed on the HUB firewall.
5. Add this subnet to the BGP advertising network list in Branch Firewall.
I hope this helps you finish the configuration to your specifications.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1105 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.