1-Configure fortigate to Internet
2-Configure lan to internet in fortigate
Fortigate HQ
We have
Vlan10: 192.168.10.0/24
Vlan11: 192.168.11.0/24
Vlan12: 192.168.12.0/24
Vlan13: 192.168.13.0/24
MikroTik Brand
We have
Vlan30: 30.30.30.0/24
Vlan30: 40.40.40.0/24
Vlan30: 50.50.50.0/24
Vlan30: 60.60.60.0/24
1-Configure vpn on fortigate
Address
Create group address
VPN
Static route
Firewall
-Address
(Create local address and remote address)
Policy & Objects → Address → Create New → Address
Remote Address (MikroTik Brand)
Policy & Objects → Address → Create New → Address
-Group (local and Remote)
Policy & Objects → Address → Create New → Address Group
Group local
VPN
VPN → IPsec Wizard
Static route
Network → Static Routes → Create New
Firewall (Allow hq to kpt and kpt to hq)
Policy & Objects → Firewall Policy → Create New
Ok
Mikrotik Brand
IP → IPsec → Profile → +
Configure NAT
IP → Firewall → NAT
Now all VLANs on the FortiGate (HQ) and the MikroTik (Brand) can reach each other. Test with ping.
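
Added example, not part of the original page: a pre-flight check of the address plan above, run before creating the address groups, static route and firewall policies. It uses the subnets listed on this page; the function names are assumptions made for the example.

```python
import ipaddress
from itertools import product

# Address plan as listed on this page (HQ behind the FortiGate, remote behind the MikroTik).
HQ_LOCAL = ["192.168.10.0/24", "192.168.11.0/24", "192.168.12.0/24", "192.168.13.0/24"]
MIKROTIK_REMOTE = ["30.30.30.0/24", "40.40.40.0/24", "50.50.50.0/24", "60.60.60.0/24"]
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse(cidrs):
    """Parse strictly: an entry with host bits set (192.168.10.1/24) raises ValueError."""
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]


def overlaps(local, remote):
    """Local/remote pairs that overlap; such pairs cannot be routed across the tunnel."""
    return [(l, r) for l, r in product(local, remote) if l.overlaps(r)]


def non_private(nets):
    """Subnets outside RFC 1918. Once routed into the tunnel, the real
    Internet hosts in these ranges become unreachable from the other site."""
    return [n for n in nets if not any(n.subnet_of(p) for p in RFC1918)]


def audit(local_cidrs, remote_cidrs):
    """Return overlap findings, non-private subnets, and every local/remote
    pair that the firewall policies and the NAT rule have to cover."""
    local, remote = parse(local_cidrs), parse(remote_cidrs)
    return {
        "overlap": overlaps(local, remote),
        "non_private": non_private(local + remote),
        "pairs": [(str(l), str(r)) for l, r in product(local, remote)],
    }


if __name__ == "__main__":
    report = audit(HQ_LOCAL, MIKROTIK_REMOTE)
    print("overlapping pairs:", report["overlap"] or "none")
    print("outside RFC 1918:", [str(n) for n in report["non_private"]] or "none")
    print(len(report["pairs"]), "local/remote pairs to allow in both directions:")
    for local_net, remote_net in report["pairs"]:
        print(f"  {local_net} <-> {remote_net}")
```
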