Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
daddum
New Contributor

pre sales advice

I have a customer who tells me he is going to use Fortigate 90D's

there is a SPT fibre ring with 2 x Fortigate 90's connected

the 90D's need to act as one i.e. VRRP

 

they also need to NAT to the inside also with VRRP on the inside interfaces

and they need to also support a DMZ also with VRRP

 

never used Fortigate before, will they do this ?

 

3 REPLIES 3
emnoc
Esteemed Contributor III

Not sure what you mean NAT to the inside  but vrrp is supported. Is your NAT a SNAT or DNAT or combination of the two?

 

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Toshi_Esumi
Esteemed Contributor III

The diagram looks exactly like HA a-p setup if you replace the VRRP cable with a heart-beat cable. I'm not sure how the fiber-ring would work with VRRP-connected two FGTs.

daddum
New Contributor

it would be static NAT

forgot to mention that the ring has a load of VLAN's on it

in the past when i have done this i would usually use 2 switches on the ring and then connect each switch to both firewalls

Labels
Top Kudoed Authors