Post Reply
   
Site to Site VPN in Tunnel mode Between NAVAN CNX and FortiGate Firewall
smital_matrix

Posts: 14

Joined: 01 Feb 2013 10:30

29 Mar 2014 13:09

Site to Site VPN in Tunnel mode Between NAVAN CNX and FortiGate Firewall

Scenario Description:



> NAVAN CNX and FortiGate firewall is connected on public IP as shown.



> Local IP range is 172.17.150.0/24 at NAVAN CNX side and 172.17.100.0/24 at FortiGate side.

















  • Check following snap shot for configuration of FortiGate




> Go to VPN > IPsec > Auto Key (IKE).



> Configure phase 1 and phase 2 settings as shown in below two snapshots.



















> Go to Firewall Objects > Address >Address.



> Add Local and Remote LAN address as shown in below two snaps.







> Go to Policy > Policy > Policy.



> Create IPSEC security policy as shown in below snap

















  • Settings that need to Verified for IPSEC VPN in NAVAN CNX:




> Configure IPSEC policy same as configured in opposite device here we have FortiGate firewall.











> Configure IPSEC tunnel as shown in below snap shot and set same IPSEC policy in that tunnel which you had already created as per above snapshot.



> Configure same Pre-shared Key which you had set in FortiGate firewall.











> You can check VPN tunnel status by selecting VPN tunnels under Status >> VPN connections.



> If you facing any problem after following above steps please contact Matrix Support.