Vxlan and ip interfaces

nocadn · ‎10-27-2022

I have a scenario of 2 fortigates in version 7 and I already have them talking 2 vxlan and the machines in each Fortinet can ping each other.

But I can't put ip to the vlan interfaces, so that the machine behind each firewall can have a connection, if it were the case, outside the firewall, regards

Anthony_E · ‎10-30-2022

Hello nocadn,

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Regards,

Anthony-Fortinet Community Team.

Anthony_E · ‎11-01-2022

Hello,

I have found this document:

https://docs.fortinet.com/document/fortigate/7.2.1/administration-guide/247006/vxlan-over-ipsec-usin...

Could you please tell me if it helps?

Regards,

Anthony-Fortinet Community Team.

akristof · ‎11-01-2022

Hello,

I am assuming that you have gateway IP on your software-switch that is connecting VXLAN VTEP and local vlan. And then, if you want to have 2 gateways, in case something will go wrong with Ipsec tunnel or connection between FortiGates, VRRP should help you.

You will have one virtual gateway IP and if connection between fortigates go down, each local subnet should be able to communicate with internet as local FortiGate should have active VRRP gateway IP.

Adrian

Vxlan and ip interfaces

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website