Hi everyone,
I'm new here and I was trying to find a way to configure my Amazon AWS VPC tunnels correctly.
I use a Fortigate 100E (v5.6.5 build1600 (GA)) and the configuration requested by Amazon needs 2 IPSec tunnels with the gwdetect/link-monitor function (to switch from the primary tunnel to the second if the first one is under maintenance).
I'm able to bring up the 2 tunnels and route traffic through them, but my issue is that I couldn't find the function to automatically switch between them on my Fortigate (GUI or CLI).
I searched Google for "gwdetect" (seems to be replaced by link-monitor) and "link-monitor" but didn't find how I can activate this function... Is anyone able to give me a hand?
Thank you
Hi,
Finally, someone told me how to find the link-monitor function! (It's only available in the CLI.)
When you access your Fortigate by CLI (SSH), you have to go to the "vdom" side.
You can find the link-monitor function under:
#config vdom
#edit root
#config system link-monitor
For the AWS VPC connection, you also need to set 2 options on your VPN interfaces:
#config vdom
#edit root
#config system interface
#edit VPNInterfaceName
#set tcp-mss 1379
#config l2tp-client-settings
#set mtu 1427
Regards,
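
A sketch of what the link-monitor entries for the two AWS tunnels could look like, as an added example that is not part of the original posts and not taken from AWS or Fortinet material. The entry names, interface names, addresses in angle brackets and timer values are placeholders and assumptions; it also assumes each tunnel has its own static route to the VPC, so that `update-static-route` can withdraw the route of a tunnel whose probe fails.

```fortios
# Added example: names, addresses and timers below are placeholders, not values from this thread
config vdom
    edit root
        config system link-monitor
            edit "aws-tunnel-1"
                set srcintf "VPNInterfaceName1"
                set server "<aws-inside-ip-tunnel-1>"
                set source-ip <local-inside-ip-tunnel-1>
                set protocol ping
                set interval 5
                set failtime 5
                set recoverytime 5
                set update-static-route enable
            next
            edit "aws-tunnel-2"
                set srcintf "VPNInterfaceName2"
                set server "<aws-inside-ip-tunnel-2>"
                set source-ip <local-inside-ip-tunnel-2>
                set protocol ping
                set interval 5
                set failtime 5
                set recoverytime 5
                set update-static-route enable
            next
        end
end
```

`diagnose sys link-monitor status` shows whether each probe is currently alive, which is worth checking before relying on the failover.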