Dear Support members
Need support
like every office we are using private IPs also the ISP-provided IPs are private now i am going to configure IPSec remote access VPN from last month I am trying to configure VPN so that we can access our office network from home but I am unable to do it. watched more than 20 videos on youtube but was unable to resolve the issue need support on how to configure this VPN
Hello Altafuom,
Hope the below document guide helps
https://docs.fortinet.com/document/fortigate/7.2.5/administration-guide/520377/ipsec-vpns
Regards,
Shilpa C.P
Hi Deer customer,
please refer the below document, I hope it will help
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/6896/fortigate-as-dialup-client
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/785501/forticlient-as-dialup-client
Hi @altafuom
Thanks for posting your query
As you mentioned that you are trying to build IPsec based on the Private IPs, so can you confirm if the Tunnel you are trying to build is on MPLS link
In case of internet link the traffic from the private IP will not be routed over the internet to reach the peer end.
Consider a below topology FYR
Branch-1FW(Private IP)-------RTR----------INTERNET-----------(Public IP)FW-branch-2/Remote Users(forticlient)
So the FW in Branch-1 is behind the ISP router i.e behind the NAT device and in the Branch-2 if you will configure the remote gateway as the private IP of branch-1 it will not help
so in the branch-2 you need to give the tunnel type as dial-up user and try.
In branch-1 the remote gateway will be the public IP of other branch.
To which IP you are trying to connect to the VPN from home internet, if you are using the private IP it will not be routable to internet.
DOC fyr
-------------
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/785501/forticlient-as-dialup-client
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/006896/fortigate-as-dialup-client
thanks for reply
Our network looks like below
Office network Private IPs---(Firewall here))--------(internet)--also private IPs from ISP----->>>>Remote(Forticlient)
Firewall Lan interface Private IPs and Wan interface also Private IP so that's the confusion...also No MPLS simple shared internet provided by ISP...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.