Changes

Default IPsec route configuration between Teltonika and Fortigate devices (view source)

Revision as of 10:13, 20 June 2024

614 bytes added ,  20 June
no edit summary
Line 1: Line 1:  
  <p style="color:red">The information in this page is updated in accordance with [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''00.07.07.2'''] firmware version.</p>  
 
  <p style="color:red">The information in this page is updated in accordance with [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''00.07.07.2'''] firmware version.</p>  
 +
  <p style="color:red">The information in this page is updated in accordance with '''Fortinet v7.4.3''' firmware version.</p>
 
==Introduction==
 
==Introduction==
 
Normally we configure IPsec for LAN-to-LAN communication, also known as split-tunnel VPN, when only specific hosts or subnets should be reachable via a VPN tunnel. However, we may also take a different approach and configure a VPN tunnel using the full tunnel method. This means that any non-directly connected network (i.e. lan interface) will be reachable only via IPsec tunnel and not via the typical default route.
 
Normally we configure IPsec for LAN-to-LAN communication, also known as split-tunnel VPN, when only specific hosts or subnets should be reachable via a VPN tunnel. However, we may also take a different approach and configure a VPN tunnel using the full tunnel method. This means that any non-directly connected network (i.e. lan interface) will be reachable only via IPsec tunnel and not via the typical default route.
Line 22: Line 23:  
[[File:TopologijaIPsecDefaultRoute.png|border|class=tlt-border|center]]
 
[[File:TopologijaIPsecDefaultRoute.png|border|class=tlt-border|center]]
 
==Fortinet configuration==
 
==Fortinet configuration==
Start by configuring the '''Fortinet''' device. Login to the WebUI, navigate to '''VPN → IPsec Tunnels → Create new → IPsec Tunnel → Template Custom'''. Configure everything as follows.  
+
Start by configuring the '''Fortinet''' device. Login to the WebUI, navigate to '''1. VPN → 2. IPsec Tunnels → 3. Create new → 4. IPsec Tunnel → 5. Your desired name → 6. Template type: Custom → 7. Click on the button next'''.
 
+
----
 +
<table class="nd-othertables_2">
 +
    <tr>
 +
        <th width=800; style="border-bottom: 1px solid white;" rowspan=2>[[File:Fortinet_Firewall_create_new.png|border|class=tlt-border|497x209px|left]]</th>
 +
    </tr>
 +
    <tr>
 +
        <th width=800; style="border-bottom: 1px solid white;" rowspan=1>[[File:Fortinet_Firewall_type_next_v2.png|border|class=tlt-border|437x209px|right]]</th>
 +
    </tr>
 +
    </table>
 
'''Note:''' ''Not specified fields can be left as is or changed according to your needs.''
 
'''Note:''' ''Not specified fields can be left as is or changed according to your needs.''
 
===Network configuration===
 
===Network configuration===
 
----
 
----
 +
Configure everything as follows.
 
Make the following changes:
 
Make the following changes:
 
# Remote Gateway – '''''Static IP Address;'''''
 
# Remote Gateway – '''''Static IP Address;'''''
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/127149"

Navigation menu