Fortigate Site to Site IPSec VPN
A Site-to-Site IPSec VPN is a secure network connection that links two or more separate networks or sites over the internet, with the traffic between them encrypted by IPSec.
Network Topology
Here’s the topology for this deployment
Configuring VPN on Forti1
First of all, make sure both nodes are able to reach each other over the WAN
Then on Forti1 (node1), create a Site to Site VPN with IPSec Wizard
Configure the remote IP Address of forti2 and set the PSK
Then set the local and remote subnet to be advertised over VPN
Review the configuration and hit Create
After that, create 2 firewall policies to allow traffic going out and coming in over the VPN
And lastly, create a route going out to the VPN interface
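The steps above correspond to a small set of FortiOS CLI objects. The following is an added, hand-written sketch of that configuration on Forti1, not output from this deployment or from the wizard: the tunnel name `to-forti2`, the interface names `wan1` and `internal`, the address object names and every `<...>` value are assumptions to be replaced with your own.

```fortios
# Added example for Forti1. Names and <...> values are placeholders.
# Address objects for the two subnets carried over the tunnel.
config firewall address
    edit "site1-lan"
        set subnet <LOCAL_SUBNET> <LOCAL_MASK>
    next
    edit "site2-lan"
        set subnet <REMOTE_SUBNET> <REMOTE_MASK>
    next
end
config vpn ipsec phase1-interface
    edit "to-forti2"
        set interface "wan1"
        set remote-gw <FORTI2_WAN_IP>
        set psksecret <PRE_SHARED_KEY>
    next
end
config vpn ipsec phase2-interface
    edit "to-forti2"
        set phase1name "to-forti2"
        set src-subnet <LOCAL_SUBNET> <LOCAL_MASK>
        set dst-subnet <REMOTE_SUBNET> <REMOTE_MASK>
    next
end
config firewall policy
    edit 0
        set srcintf "internal"
        set dstintf "to-forti2"
        set srcaddr "site1-lan"
        set dstaddr "site2-lan"
        set action accept
        set schedule "always"
        set service "ALL"
    next
    edit 0
        set srcintf "to-forti2"
        set dstintf "internal"
        set srcaddr "site2-lan"
        set dstaddr "site1-lan"
        set action accept
        set schedule "always"
        set service "ALL"
    next
end
config router static
    edit 0
        set dst <REMOTE_SUBNET> <REMOTE_MASK>
        set device "to-forti2"
    next
end
```

Scoping both policies to the two address objects, rather than `all`, keeps the tunnel from carrying traffic for subnets that were never meant to be shared; the PSK must be identical on both peers and is best generated long and random.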
Configuring VPN on Forti2
On forti2, the configuration is pretty much the same but mirrored
Testing the VPN Connections
Now we should have our IPSec VPN connections in “Up” status
And we’re able to ping from local subnet 1 to local subnet 2
Ping also works the other way around
And looking at the details of the VPN, we can also see the traffic going through the VPN tunnel