Configuring the tunnel interfaces
The following instructions use the 169.254.110.0/29 subnet. This subnet is used only inside the site-to-site tunnel. You use the IP addresses assigned in this configuration to configure BGP neighbors.
To configure the tunnel interface on the spoke 1 FortiGate to the remote site 1 FortiGate:
- On the spoke 1 FortiGate, go to Network > Interfaces.
- Extend the port 1 interface to reveal a new tunnel interface.
- Edit the tunnel interface:
- In the IP field, enter the local tunnel IP address. In this example, the value would be 169.254.110.1, the spoke 1 FortiGate IP address.
- In the Remote IP/Netmask field, enter the remote tunnel IP address with netmask. In this example, the value would be 169.254.110.2 255.255.255.248. 169.254.110.2 is the remote site 1 FortiGate IP address, and 255.255.255.248 is the netmask.
- Configure other settings as your network requires.
- Click OK.
To configure the tunnel interface on the remote site 1 FortiGate to the spoke 1 FortiGate:
- On the remote site 1 FortiGate, go to Network > Interfaces.
- Extend the port 1 interface to reveal a new tunnel interface.
- Edit the tunnel interface:
- In the IP field, enter the local tunnel IP address. In this example, the value would be 169.254.110.2, the remote site 1 FortiGate IP address.
- In the Remote IP/Netmask field, enter the remote tunnel IP address with netmask. In this example, the value would be 169.254.110.1 255.255.255.248. 169.254.110.2 is the spoke 1 FortiGate IP address, and 255.255.255.248 is the netmask.
- Configure other settings as your network requires.
- Click OK.