Article Id 191053

Description

 

This article describes how to send the VPN traffic over an alternate link.

 

Scope

 

It is necessary to properly configure both the routing and the firewall policies.

 

Solution

 

Routing Scenario:


- Main Internet traffic goes out WAN1.
- Only VPN traffic goes out WAN2.
- The remote gateway for the VPN tunnel is 64.247.233.250.

 

How to configure the static routes:

 

Route #1 is the normal default route for the main Internet connection.
Route #2 sends traffic destined for the external interface of the remote Fortinet device through the gateway on WAN2.
Route #3 directs traffic for the remote subnet across the VPN so that it is handled by the policies defined from Internal to WAN2.

 

How to configure firewall policies:

 

Internal to WAN1: Internal_All >> WAN1_All, Accept, Any
Internal to WAN2: Internal_Subnet >> 10.3.20.0, Encrypt
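
The following is an added example, not part of the original article or Fortinet's own tooling: it models the three static routes above and checks, by longest-prefix match, that only VPN-related destinations leave through WAN2. The /24 mask on 10.3.20.0 and the sample destination addresses are assumptions, since the article does not state them.

```python
import ipaddress

# Static routes as described in the article. The /24 mask on the remote
# subnet is an assumption; the article gives only "10.3.20.0".
ROUTES = [
    ("0.0.0.0/0", "WAN1"),           # Route #1: default route
    ("64.247.233.250/32", "WAN2"),   # Route #2: remote VPN gateway
    ("10.3.20.0/24", "WAN2"),        # Route #3: remote subnet behind the VPN
]

def egress(dst, routes=ROUTES):
    """Return the interface selected by longest-prefix match, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, dev in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    return best[1] if best else None

def audit(routes=ROUTES):
    """Check the routing scenario's requirements; return a list of findings."""
    # Constructed sample destinations: the gateway from the article, one
    # host in the assumed remote subnet, and a documentation-range address
    # standing in for general Internet traffic.
    checks = [
        ("64.247.233.250", "WAN2", "tunnel packets to the remote gateway"),
        ("10.3.20.15", "WAN2", "traffic for the remote subnet"),
        ("198.51.100.7", "WAN1", "general Internet traffic"),
    ]
    findings = []
    for dst, want, what in checks:
        got = egress(dst, routes)
        if got != want:
            findings.append(f"{what} ({dst}) leaves via {got}, expected {want}")
    return findings

if __name__ == "__main__":
    print(audit() or "routing matches the scenario")
    # Without Route #2 the tunnel itself falls back to the default route.
    print(audit([r for r in ROUTES if r[0] != "64.247.233.250/32"]))
```

Dropping Route #2 from the list shows why it is needed: the tunnel packets to 64.247.233.250 would otherwise match only the default route and leave through WAN1.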
