?
Solved

Fortigate VPN Link

Posted on 2010-09-17
1
Medium Priority
?
905 Views
Last Modified: 2012-06-27
We have a fortigate 60 at our office which has an IPSEC VPN (INTERNAL to DATA CENTER) to our data center firewall, a Cisco ASA. We also have a IPSEC VPN so users can connect to the fortigate and access our INTERNAL network. Is it possible to easily allow users connected to the INTERNETAL IPSEC VPN access to the DATA CENTER?
0
Comment
Question by:GCaron
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 10

Accepted Solution

by:
koudry earned 2000 total points
ID: 33706929
I know nothing about fortigate 60, so what I am about to say, is generic to VPN setup.

The answer to your question is yes, you can setup users so that they access your internal network resources via VPN using your fortigate 60 platform as the gateway.  Now, how you do that, depends. But first of all, you need to setup your VPN server/Concentrator to allow VPN connections from VPN clients.  This may involve setting up some kind of access control lists or policies where the networks of the clients are permitted.  You will need a manual for your VPN end point to find out how to setup VPN connections for remote access.

With the appropriate configurations on your VPN end point, all the users need, is a VPN client of some sort.

- Cisco VPN client: a fat client software from Cisco installed on the client PC with the necessary settings, i.e. userid, password, vpn concentrator IP address (in this case it may be the fortigate 60 if that where the VPN tunnel terminates), a token (one time password) etc.

- Nortel VPN Client: this works the same way as the Cisco VPN client.

The above two solutions may be too expensive so there are other methods. You may want to consider using the web browser as the VPN client, it depends on the sort of VPN solution you want.  

You may want to see my post on a similar issue at http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_23630764.html.  I have added the text below:

------------------------------------------------------

08/08/08 03:34 PM, ID: 22190234

VPN means that you need a secured private tunnel from your local PCs to a remote site. There are different types of VPN so you need to know which one meets your requirements.

(1) Intranet Site to Site VPN: if you want to connect different sites belonging to the same corportation for a LAN to LAN setup.

(2) Extranet Site to Site VPN: to join various suppliers, parters to the main corportation for a LAN to LAN setup.

(3) Remote VPN: suitable if your a mobile worker, salesman or an employee connecting from home to the office site.

What do you need for a VPN connection?

(*) VPN concentrator / Gateway: this component terminates the VPN traffic

(*) Authentication component: used to validate your identity. This can be a RADIUS server. Quite often the person responsible for the VPN gateway, is also responsible for the authentication server.

(*) VPN Client: a piece of software that allows you to connect to the VPN gateway, e.g. Cisco VPN Client, Nortel Contivity client, Rmote Desktop client etc.  The client needs information such as the VPN gateway IP address, authentication group if a security token is used, with shared secret, username and password, to be able to connect to the remote gateway.

Where to you get the information from?

The information required to connect to the VPN gateway / concentrator should be provided by whoever administers the gateway.  For example, if you are connecting to your office from your home computer, then the office network admin responsible for VPN should provide you with all the information you need.

You need to find out from Road runner what the IP address they provided you with, is for. This could be the IP address of the VPN gateway but that is not enough.
Before hand, you need to be clear which type of VPN you need.

-------------------

Good luck
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question