IPSec VPN - Few Issues

Author
spanz
2021/10/13 06:18:04


Hello guys,
I own a 600E appliance if it is relevant.
I would like to know several things regarding the IPSEC VPN:
 
1. When running the IPSEC wizard, it does generate rules that allow Remote_Subnet>Local_Subnet and Local_Subnet>Remote_Subnet.
My question is: if I delete these rules, will the tunnel go up when the other side configures the IPSEC VPN on his appliance?
Or maybe the FortiGate needs to have corresponding rules that allow traffic between the protected networks on both sides.
 
2. I configured an IPSEC VPN with a service provider, and for the protected networks, he told me to set up some public IP subnet, and not a private LAN subnet, so I configured his remote gateway with a public IP and his protected networks with a public IP range.
Can someone please explain why he would do this? I'm a little confused.

Thanks for your help!
 
post edited by spanz - 2021/10/13 06:19:06
#1


    Toshi Esumi
    Re: IPSec VPN - Few Issues 2021/10/13 08:03:14
    1. By default, if you don't specify some network selectors, it sets 0/0<->0/0 for both directions. You need to match the other end as well, then it should come up.
    2. Service providers often use public subnets to ensure uniqueness of each customer's networks, or their specific service networks against others. They're just IP subnets and are no different from private ranges for routing with IPsec.
    #2