Fortinet black logo

Examples

Configuring hub to hub tunnels

Copy Link
Copy Doc ID 5ecc39ba-34cd-11eb-96b9-00505692583a:587766
Download PDF

Configuring hub to hub tunnels

FortiManager VPN Manager supports building Hub-to-Hub tunnels, when VPN Community contains two Hubs. All we need to do is to specify a Hub-to-Hub underlay port for each Hub.

Edit each Hub in both communities and set the right Hub-to-Hub port ( port1 for OL_INET Hubs, port4 for OL_MPLS Hubs):

Now run Install Wizard for the DC policy package and, right before completing the installation, click on “Install Preview”:

You will see how FMG creates two Site-to-Site IPSEC tunnels, one over each underlay. Note the naming: FMG is using the ID of the remote Hub for each tunnel, so it is again predictable, since we have manually set the Hub IDs via Postman.

Complete policy installation.

Configuring hub to hub tunnels

FortiManager VPN Manager supports building Hub-to-Hub tunnels, when VPN Community contains two Hubs. All we need to do is to specify a Hub-to-Hub underlay port for each Hub.

Edit each Hub in both communities and set the right Hub-to-Hub port ( port1 for OL_INET Hubs, port4 for OL_MPLS Hubs):

Now run Install Wizard for the DC policy package and, right before completing the installation, click on “Install Preview”:

You will see how FMG creates two Site-to-Site IPSEC tunnels, one over each underlay. Note the naming: FMG is using the ID of the remote Hub for each tunnel, so it is again predictable, since we have manually set the Hub IDs via Postman.

Complete policy installation.