This example has two VPCs and multiple subnets within each VPC:
- Customer VPC (10.10.0.0/16): place protected resources whose traffic must be analyzed.
- Security VPC (10.90.0.0/16): place FortiGates here.
Application subnets are placed in different AZs.
Configure the ingress route table as follows:
- Subnet 1 (10.10.2.0/23) is mapped to the GWLB endpoint placed in AZ 1 subnet.
- Subnet 2 (10.10.4.0/23) is mapped to the GWLB endpoint placed in AZ 2 subnet.
- The Internet gateway is assigned on the route table Edge Associations tab. This allows traffic to flow into the VPC and then be redirected into their respective subnets via the routes that you created above.