Fortinet Document Library

Version:

Version:

Version:


Table of Contents

Cookbook

Download PDF
Copy Link

Allowing Branch to access the FortiAnalyzer

  1. On Branch, go to Policy & Objects > Addresses and create an address for the FortiAnalyzer.

    Enable Static Route Configuration.

  2. Go to VPN > IPsec Tunnels and create a Phase 2 to allow traffic between the Branch tunnel interface and the FortiAnalyzer.

  3. Go to Network > Static Routes and create a route to the FortiAnalyzer.

  4. On External, go to Policy & Objects > Addresses and create an address for the FortiAnalyzer.

  5. Go to VPN > IPsec Tunnels and create a Phase 2 to allow traffic between the FortiAnalyzer and the Branch tunnel interface.

  6. Go to Policy & Objects > IPv4 Policy and create a policy to allow traffic from the VPN tunnel to the FortiAnalyzer.

    Enable NAT for this policy.

  7. On Branch, go to Security Fabric > Settings.

    In the FortiAnalyzer Logging section, an error appears because Branch is not yet authorized on the FortiAnalyzer.

  8. On the FortiAnalyzer, go to Device Manager > Unregistered.

    Select Branch and then select +Add to register Branch.

  9. Branch now appears as Registered.

Allowing Branch to access the FortiAnalyzer

  1. On Branch, go to Policy & Objects > Addresses and create an address for the FortiAnalyzer.

    Enable Static Route Configuration.

  2. Go to VPN > IPsec Tunnels and create a Phase 2 to allow traffic between the Branch tunnel interface and the FortiAnalyzer.

  3. Go to Network > Static Routes and create a route to the FortiAnalyzer.

  4. On External, go to Policy & Objects > Addresses and create an address for the FortiAnalyzer.

  5. Go to VPN > IPsec Tunnels and create a Phase 2 to allow traffic between the FortiAnalyzer and the Branch tunnel interface.

  6. Go to Policy & Objects > IPv4 Policy and create a policy to allow traffic from the VPN tunnel to the FortiAnalyzer.

    Enable NAT for this policy.

  7. On Branch, go to Security Fabric > Settings.

    In the FortiAnalyzer Logging section, an error appears because Branch is not yet authorized on the FortiAnalyzer.

  8. On the FortiAnalyzer, go to Device Manager > Unregistered.

    Select Branch and then select +Add to register Branch.

  9. Branch now appears as Registered.