Hi, I have two IPsec tunnels on a FortiGate and was wondering: is it possible for traffic coming in on the first IPsec tunnel to then be able to route out the second tunnel to another site? I know I will probably need the two sites to change their phase 2 subnets, but I can just put in a rule on the FortiGate to link both virtual interfaces.
I have only set up tunnels between two sites before, so any help would be appreciated.
You can do this in the WebGUI but the CLI is much faster. You can check almost everything from vdom, address, address group, vip, route, interface, fwpolicy, users, etc.
So if you had 4 VPN tunnels named tunnel1 tunnel2 tunnel3 tunnel4, you would have to free these up from any binding fwpolicies, 2> craft a zone name (e.g. "mightiness"), 3> then apply the fwpolicies to the "zone". Once you do this, though, be aware you CAN NOT APPLY A FWPOLICY to a member directly that's tied to a zone.
Hence my earlier warning: "once you go zone it's hard to go back and you're tied into a zone based"
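The zone approach described above, written out as FortiOS CLI. This is an added example, not part of the original posts: the tunnel and zone names are the ones used in the answer, while the address objects "siteA-lan" and "siteB-lan" and the policy name are placeholders for whatever the two sites' phase 2 subnets turn out to be. The `#` lines are annotations for the reader.

```fortios
# Step 1 (not shown): remove tunnel1..tunnel4 from every existing firewall
# policy, as the answer says, before adding them to a zone.

# Step 2: create the zone and add the tunnel interfaces as members.
config system zone
    edit "mightiness"
        set interface "tunnel1" "tunnel2" "tunnel3" "tunnel4"
        # deny: traffic between members passes only if a policy allows it
        set intrazone deny
    next
end

# Step 3: apply the policy to the zone, not to the individual tunnels.
# Source and destination are limited to the two site subnets (placeholder
# objects) rather than "all", so only site-to-site traffic crosses the hub.
config firewall policy
    edit 0
        set name "vpn-site-to-site"
        set srcintf "mightiness"
        set dstintf "mightiness"
        set srcaddr "siteA-lan" "siteB-lan"
        set dstaddr "siteA-lan" "siteB-lan"
        set action accept
        set schedule "always"
        set service "ALL"
        set logtraffic all
    next
end
```

The FortiGate also needs a route to each remote subnet via its tunnel, and each site's phase 2 selectors must cover the other site's subnet, which is the change the question already anticipates.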