Fortinet black logo

Cookbook

Home FortiGate / FortiOS 5.6.0 Cookbook

Adding IP addresses to the tunnel interfaces

5.6.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.0
6.0.0
5.6.0
5.4.0
Copy Link
Copy Doc ID 4d801240-7ccc-11e9-81a4-00505692583a:753122
Download PDF

Adding IP addresses to the tunnel interfaces

To establish the point-to-multipoint IPsec VPN between the branch and the data center, the tunnel interfaces must include the following IP addresses.

The IPsec VPN Interface configuration includes:

  • Setting ip to the local IP address of the VPN interface
  • Setting remote-ip to the data center FortiGate’s IPsec VPN interface IP address

config system interface

edit "vpn_dc1-1"

set vdom "root"

set ip 10.254.0.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.0.1

set interface "wan1"

next

edit "vpn_dc1-2"

set vdom "root"

set ip 10.254.1.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.1.1

set interface "wan2"

next

end

Previous
Next

Adding IP addresses to the tunnel interfaces

To establish the point-to-multipoint IPsec VPN between the branch and the data center, the tunnel interfaces must include the following IP addresses.

The IPsec VPN Interface configuration includes:

  • Setting ip to the local IP address of the VPN interface
  • Setting remote-ip to the data center FortiGate’s IPsec VPN interface IP address

config system interface

edit "vpn_dc1-1"

set vdom "root"

set ip 10.254.0.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.0.1

set interface "wan1"

next

edit "vpn_dc1-2"

set vdom "root"

set ip 10.254.1.2 255.255.255.255

set allowaccess ping

set type tunnel

set remote-ip 10.254.1.1

set interface "wan2"

next

end

Previous
Next