Fortinet Document Library

Version:

Version:

Version:


Table of Contents

Cookbook

Download PDF
Copy Link

Adding IP addresses to the tunnel interfaces

To establish the point-to-multipoint IPsec VPN between the branch and the data center, the tunnel interfaces must include the following IP addresses.

The IPsec VPN Interface configuration includes:

  • Setting ip to the local IP address of the VPN interface
  • Setting remote-ip to the data center FortiGate’s IPsec VPN interface IP address

config system interface

edit "vpn_dc1-1"

set vdom "root"

set ip 10.254.0.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.0.1

set interface "wan1"

next

edit "vpn_dc1-2"

set vdom "root"

set ip 10.254.1.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.1.1

set interface "wan2"

next

end

Adding IP addresses to the tunnel interfaces

To establish the point-to-multipoint IPsec VPN between the branch and the data center, the tunnel interfaces must include the following IP addresses.

The IPsec VPN Interface configuration includes:

  • Setting ip to the local IP address of the VPN interface
  • Setting remote-ip to the data center FortiGate’s IPsec VPN interface IP address

config system interface

edit "vpn_dc1-1"

set vdom "root"

set ip 10.254.0.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.0.1

set interface "wan1"

next

edit "vpn_dc1-2"

set vdom "root"

set ip 10.254.1.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.1.1

set interface "wan2"

next

end