Fortinet black logo

Cookbook

Configuring address objects on Branch

Copy Link
Copy Doc ID a4a06ec3-12a7-11e9-b86b-00505692583a:763060
Download PDF

Configuring address objects on Branch

  1. To create address objects you will utilize in a later step, navigate to Policy & Objects > Addresses and select Create New > Address.
  2. Enter Branch-original for the Name, the original LAN subnet of Branch for Subnet (in the example, 192.168.1.0/24), and select the LAN-side interface for Interface (in the example, lan).

  3. Repeat the process to create an additional new address object.
  4. Enter HQ-new for the Name, the new LAN subnet of HQ for Subnet (in the example, 10.1.1.0/24), and select the VPN interface for Interface (in the example, VPN-to-HQ).

  5. To create an IP Pool, navigate to Policy & Objects > IP Pools and select Create New.
  6. Enter Branch-new for the Name and select Fixed Port Range for Type. For the External IP Range enter the new subnet for Branch (in the example, 10.2.2.1 – 10.2.2.254), and enter the original subnet for Branch in the Internal IP Range (in the example, 192.168.1.1 – 192.168.1.254).

  7. Finally, to create a Virtual IP, navigate to Policy & Objects > Virtual IPs and select Create New > Virtual IP.
  8. Enter Branch-new-to-original for the Name and select the VPN interface for Interface (in the example, VPN-to-HQ). For the External IP Range enter the new subnet for Branch (in the example, 10.2.2.1 – 10.2.2.254), and enter the original subnet for Branch in the Internal IP Range (in the example, 192.168.1.1 – 192.168.1.254).

Configuring address objects on Branch

  1. To create address objects you will utilize in a later step, navigate to Policy & Objects > Addresses and select Create New > Address.
  2. Enter Branch-original for the Name, the original LAN subnet of Branch for Subnet (in the example, 192.168.1.0/24), and select the LAN-side interface for Interface (in the example, lan).

  3. Repeat the process to create an additional new address object.
  4. Enter HQ-new for the Name, the new LAN subnet of HQ for Subnet (in the example, 10.1.1.0/24), and select the VPN interface for Interface (in the example, VPN-to-HQ).

  5. To create an IP Pool, navigate to Policy & Objects > IP Pools and select Create New.
  6. Enter Branch-new for the Name and select Fixed Port Range for Type. For the External IP Range enter the new subnet for Branch (in the example, 10.2.2.1 – 10.2.2.254), and enter the original subnet for Branch in the Internal IP Range (in the example, 192.168.1.1 – 192.168.1.254).

  7. Finally, to create a Virtual IP, navigate to Policy & Objects > Virtual IPs and select Create New > Virtual IP.
  8. Enter Branch-new-to-original for the Name and select the VPN interface for Interface (in the example, VPN-to-HQ). For the External IP Range enter the new subnet for Branch (in the example, 10.2.2.1 – 10.2.2.254), and enter the original subnet for Branch in the Internal IP Range (in the example, 192.168.1.1 – 192.168.1.254).