Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rickards
New Contributor

Created on ‎09-08-2011 07:07 AM

spoke communication route and policybased

Is it possible to enable spoke to spoke communication if both spokes are connected to a hub which is is NAT/Router mode and one spoke is in transparent mode and one spoke is an software client. If possible how do i tell the hub to route certain traffic from the software client over the policy based tunnel ? Spoke1=software ipsec vpn in interface mode Spoke2=Policy based ipsec tunnel, Fortigate in transparent mode Hub=Fortigate in NAT/Router mode Thanks
1339
0 Kudos
2 REPLIES 2
emnoc
Esteemed Contributor III

Created on ‎09-08-2011 08:59 AM

Question: how can a FGT being in transparent mode and then be part of a VPN/ipsec spoke? Do you have a diagram of the design?

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
766
0 Kudos
rickards
New Contributor

Created on ‎09-08-2011 12:19 PM

I was a bit fuzzy in my explanation, software ipsec clients needs to get access to servers behind fgt1. The software clients only supports ipsec in interface mode, therefore i configured fgt2 as concentrator. Is it possible to route traffic from sw clients to servers ? One solution to this problem is also to reconfigure fgt1 in nat mode, however this is not trivial since it requires ip change on servers.
766
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.