Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
nocadn
New Contributor

Vxlan and ip interfaces

I have a scenario of 2 fortigates in version 7 and I already have them talking 2 vxlan and the machines in each Fortinet can ping each other.

But I can't put ip to the vlan interfaces, so that the machine behind each firewall can have a connection, if it were the case, outside the firewall,  regards

 

3 REPLIES 3
Anthony_E
Community Manager
Community Manager

Hello nocadn,

 

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Regards,

Anthony-Fortinet Community Team.
Anthony_E
Community Manager
Community Manager

Hello,

 

I have found this document:

 

https://docs.fortinet.com/document/fortigate/7.2.1/administration-guide/247006/vxlan-over-ipsec-usin...

 

Could you please tell me if it helps?

 

Regards,

Anthony-Fortinet Community Team.
akristof
Staff
Staff

Hello,

 

I am assuming that you have gateway IP on your software-switch that is connecting VXLAN VTEP and local vlan. And then, if you want to have 2 gateways, in case something will go wrong with Ipsec tunnel or connection between FortiGates, VRRP should help you.

You will have one virtual gateway IP and if connection between fortigates go down, each local subnet should be able to communicate with internet as local FortiGate should have active VRRP gateway IP.

Adrian
Labels
Top Kudoed Authors