Hi all,
Please find the attached diagram, where the ISP is terminated on a Cisco router and the interconnecting links between the router and the Fortinet are configured with private IP addresses. Furthermore, I will configure a secondary IP [one of the public IPs] on the same Fortinet port that is connected to the Cisco router. Basically, I need to know how I can configure a site-to-site tunnel, explicit proxy and internet-facing rules using that interface.
pfa diagram
Created on 09-13-2024 01:00 PM Edited on 09-13-2024 01:03 PM
Hi,
So basically you would define the public IP as the secondary on the existing interface, create a static route using the public IP of the router and the intf, then in the IPsec config you would select Local Gateway and specify the public IP as the local-gw for which to initiate/accept as peer. As for the web proxy, see https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-multiple-outgoing-IP-for-...
For the in/out firewall rules, it's the same principle as for regular policies, except for the outbound/SNAT rule you would need to create an IP Pool and assign it to the rule and not use the default Use outgoing interface address.
Hi,
What about other outgoing policies not going via explicit proxy? Would it be the same, using an IP pool as source NAT?
Please help.