Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
icoskun17
New Contributor

Created on ‎06-03-2020 02:34 PM

VPN Branch to HQ Internet - Specific Interface Only

Hi,

     I have 2 Fortigates.  I need devices connected to one physical interface on the Branch Fortigate to use internet from the HQ Fortigate.  All other traffic on the Branch (other interfaces) can use local WAN interface for internet.

How do I do this?

Thank You

Ismail

1728
0 Kudos
1 REPLY 1
MattyG2787
New Contributor

Created on ‎07-26-2020 11:00 PM

This should be in another thread but the simplest (cleanest) way is via SD-WAN rules

 

Create your first SD-WAN rule to have 

Src - HQ source

DST - all

Included Members - HQ Link

Services - all

 

Second rules

Src - Other IP Ranges

dst All

Included Members - Local WAN

services all

 

This also pootentially allows the local internet to be used in case HO link drops (by changing second source to all)

 

798
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.