13 Configure advpn hub and spoke IPsec Wizard

1-Configure fortigate to Internet

2-Configure lan to internet in fortigate

3-Configure VLAN with Cisco switch

On Fortigate

1) Configure Fortigate to Internet

2) Configure static route

3) Configure Lan and Vlan hub, spoke-1, spoke-2

4) Configure vlan access to internet via (Firewall Policy)

5) Configure advpn ipsec hub, spoke-1, spoke-2

On cisco switch

6) Configure trunk port

7) Configure port access vlan

5) Configure advpn ipsec hub

VPN ðIPsec Wizard ð

Next ð

Create

You can copy configuration key here or you can Show Tunnel List

VPN ðIPsec Tunnels ðhub ðEdit ðAuthentication ðEdit

Press on View you will see key Authentication

Close ðOk

5) Configure advpn ipsec spoke-1

VPN ðIPSec Wizard ð

Create

Show Tunnel List

4)Configure vlan access Hub access to spoke-1

Policy & Object ðFirewall Policy ðCreate New

On cisco switch hub

1) Configure trunk port

Switch>enable

Switch#configure terminal

Switch(config)# Switch(config)#interface range gigabitEthernet 0/0-1

Switch(config-if-range)#channel-group 1 mode active

Switch(config-if-range)#no shutdown

Switch(config-if-range)#end

Switch#show interfaces status

Switch(config)#int po1

Switch(config-if)#switchport trunk encapsulation dot1q

Switch(config-if)#switchport mode trunk

Switch(config-if)#no shutdown

Switch(config-if)#end

Switch#wr

2)Configure port access vlan

Switch(config)#int g0/2

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 10

Switch(config-if)#no shutdown

Switch(config-if)#exit

Switch(config)#int g0/3

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 20

Switch(config-if)#no shutdown

Switch(config-if)#end

Switch#wr

On cisco switch spoke-1

1) Configure trunk port

Switch>enable

Switch#configure terminal

Switch(config)# Switch(config)#interface range gigabitEthernet 0/0-1

Switch(config-if-range)#channel-group 1 mode active

Switch(config-if-range)#no shutdown

Switch(config-if-range)#end

Switch#show interfaces status

Switch(config)#int po1

Switch(config-if)#switchport trunk encapsulation dot1q

Switch(config-if)#switchport mode trunk

Switch(config-if)#no shutdown

Switch(config-if)#end

Switch#wr

2)Configure port access vlan

Switch(config)#int g0/2

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 30

Switch(config-if)#no shutdown

Switch(config-if)#exit

Switch(config)#int g0/3

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 40

Switch(config-if)#no shutdown

Switch(config-if)#end

Switch#wr

We go to client pc to check dhcp from fortigate

Test ping

Spoke-2 configure the same spoke-a different vlan

Video guidelines

Trending

Configure MikorTik VPN Site-2-Site with WireGuard

Configure load balancing 2 ISP in MikroTik Router

Replace the hard disc in a Synology NAS

How to configure MikorTik IPsec VPN Site to Site

Limit Speed Internet in Fortigate (Traffic Shaping)

13 Configure advpn hub and spoke IPsec Wizard

Post a Comment

Contact Form