Solved

Fortigate VPN Link

Posted on 2010-09-17
Last Modified: 2012-06-27
We have a fortigate 60 at our office which has an IPSEC VPN (INTERNAL to DATA CENTER) to our data center firewall, a Cisco ASA. We also have an IPSEC VPN so users can connect to the fortigate and access our INTERNAL network. Is it possible to easily allow users connected to the INTERNAL IPSEC VPN access to the DATA CENTER?
Question by:GCaron

Accepted Solution

by:
koudry earned 500 total points
ID: 33706929
I know nothing about fortigate 60, so what I am about to say is generic to VPN setup.

The answer to your question is yes, you can set up users so that they access your internal network resources via VPN using your fortigate 60 platform as the gateway. Now, how you do that, depends. But first of all, you need to set up your VPN server/Concentrator to allow VPN connections from VPN clients. This may involve setting up some kind of access control lists or policies where the networks of the clients are permitted. You will need a manual for your VPN end point to find out how to set up VPN connections for remote access.

With the appropriate configurations on your VPN end point, all the users need is a VPN client of some sort.

- Cisco VPN client: a fat client software from Cisco installed on the client PC with the necessary settings, i.e. userid, password, vpn concentrator IP address (in this case it may be the fortigate 60 if that is where the VPN tunnel terminates), a token (one time password) etc.

- Nortel VPN Client: this works the same way as the Cisco VPN client.

The above two solutions may be too expensive so there are other methods. You may want to consider using the web browser as the VPN client, it depends on the sort of VPN solution you want.  

You may want to see my post on a similar issue at http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_23630764.html.  I have added the text below:

------------------------------------------------------

08/08/08 03:34 PM, ID: 22190234

VPN means that you need a secured private tunnel from your local PCs to a remote site. There are different types of VPN so you need to know which one meets your requirements.

(1) Intranet Site to Site VPN: if you want to connect different sites belonging to the same corporation for a LAN to LAN setup.

(2) Extranet Site to Site VPN: to join various suppliers, partners to the main corporation for a LAN to LAN setup.

(3) Remote VPN: suitable if you are a mobile worker, salesman or an employee connecting from home to the office site.

What do you need for a VPN connection?

(*) VPN concentrator / Gateway: this component terminates the VPN traffic

(*) Authentication component: used to validate your identity. This can be a RADIUS server. Quite often the person responsible for the VPN gateway is also responsible for the authentication server.

(*) VPN Client: a piece of software that allows you to connect to the VPN gateway, e.g. Cisco VPN Client, Nortel Contivity client, Remote Desktop client etc. The client needs information such as the VPN gateway IP address, authentication group if a security token is used, with shared secret, username and password, to be able to connect to the remote gateway.

Where do you get the information from?

The information required to connect to the VPN gateway / concentrator should be provided by whoever administers the gateway.  For example, if you are connecting to your office from your home computer, then the office network admin responsible for VPN should provide you with all the information you need.

You need to find out from Road runner what the IP address they provided you with is for. This could be the IP address of the VPN gateway but that is not enough.
Beforehand, you need to be clear which type of VPN you need.

-------------------

Good luck