Configuring the data center FortiGates

The configuration described here must be set up on Data Center 1 FortiGate and Data Center 2 FortiGate. The following steps show how to configure Data Center 1 FortiGate (as shown in the diagram). You can repeat this configuration for Data Center 2 FortiGate, substituting the proper IP addresses and interface names.

This configuration has the following objectives:

  • Zero touch IPsec VPN provisioning of new branches
  • Point-to-multipoint IPsec VPN
  • Central management of data center access from each data center firewall
  • Dynamic peering to share routing information between each branch and the data center

Each data center configuration includes dynamic (or dial-up) IPsec VPN, BGP, firewall policies to control access, and a blackhole route for each branch office.
