Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Tutek_OLD
New Contributor

Connecting remote newtorks to Fortigate

Hi,

How should I connect my remote networks using VPN to fortigate I need to have ability to see all sources IP of remote networks in logs/anitivirus reports etc? All internet traffic from remote networks will be route back to Fortigate then go out.

So I need VPN connection that do not translate remote networks, so this mean I should use standard Ipsec site-to site VPN, or could I configure other VPN types like GRE ?

 

thanks

2 REPLIES 2
boneyard
Valued Contributor

VPNs are the way to go for this, specially if traffic from your remote network is going over an untrusted network (like the internet). a GRE tunnel doesnt encrypt traffic, so you don't want to use that.

 

you will need a VPN device on your remote network to setup the tunnel with the central FortiGate.

sw2090
Honored Contributor

Well that is not a vpn question at all.

This does not depend on type of vpn or vpn at all.

It is more a question of NAT.

If neither side does NAT traffic over the vpn you will see any remote ip that reaches your FGT.

If remote side does NAT you will only see the NAT IP...

 

This is the same for any interface...

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Labels
Top Kudoed Authors