VPN Site to Site Fortigate to Mikrotik
Mikrotik Side
1. Create
a NAT accept rule between the
internal LAN and remote LAN:
2. Open IP > IPSec.
Go to Proposals TAB
and create a new proposal profile:
Go to Policies TAB.
Create a New Policy, fill in Source LAN and Destination
LAN:
On the Action TAB
fill Source Address with the Mikrotik WAN Address
and Destination Address with the Fortigate WAN IP.
Check Tunnel Mode. Select the Proposl created previously:
Go to Peers TAB and create a new IPSec Peer.
Address: fill in the Fortigate WAN IP.
Secret: the Pre-Shared Key (password)
Make the rest of the settings as in the image below:
Secret: the Pre-Shared Key (password)
Make the rest of the settings as in the image below:
Next step, configure the Fortigate
Go to VPN and
create a new Tunnel, with Custom – Static IP Address
settings:
Now, we need to create the Firewall rules to accept:
Rule 28: traffic from Fortigate LAN to go to Mikrotik interface to the LAN
Rule 37: traffic from LAN Mikrotik to Internal Fortigate LAN
Rule 37: traffic from LAN Mikrotik to Internal Fortigate LAN
I cannot found you content picture
ReplyDelete