- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VPN between windows server 2012 and fortinet
Hi, is it posible to make a VPN between windows server 2012 and fortinet?
MCSE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes
Mike Pruett
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
great, is there a guide?
as I cant find any info in fortinets cookbook
MCSE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you looking at having the machine build an SSL VPN tunnel automatically or are you wanting to do IPSec?
Mike Pruett
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
IKEV2 or SSTP or L2TP
MCSE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
bump
MCSE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It boils down to which means you have available on the server side.
'Built-in' VPN on Windows (client or server) is IMHO the least attractive option. Hidden parameters, foggy documentation, no access to options (encryption, DHgroup,...), some config in GUI, some in registry. A nightmare to debug. Encryption of the payload but not the header etc. etc.
Who is using L2TP or SSTP outside the MS world? IPsec is proven, reliable, interoperative across operating systems.
For clients, one can use commercial products which actually work: Forticlient, NCP, Cisco AnyConnect (u-ah),... They implement what MS has missed for decades now.
But, do not try to use FortiClient on Windows server. It's not built for this and maybe never will be. Installing lowlevel network driver/interface into an ever changing OS can be risky for the overall stability.
What I would do: get a small FGT and install a site-to-site VPN between Fortigates. OS independent, scaleable, transparent, reliable. And measured in working hour costs, cheap - set up once, run forever.
edit: as if asked for, a recent post here about FClient and server OS battle - https://forum.fortinet.com/tm.aspx?m=146405
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ok thanks for the reply, helped me to make a decision
MCSE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Arnold,
Do you have some news about your question? I need to establish a permanent VPN connection between my local network (FortiGate 60E for example) and a remote windows server 2016. I want to allow my users inside the local network access to the remote server, automatically. Is it possible?
My end users use MAC OS computers and outside my private network they using a VPN L2TP/IPSec connection, the same protocol in windows server side.
Thank you!