I have searched and searched... finally!!! Thanks SO much!!!
@liranics
3 жыл бұрын
Awesome guide .. step by step and clearly
@davidjleo
3 жыл бұрын
Hey Zach..... Thanks for this Video.... the instructions worked like a charm... In regards to the subnets on the fortigate side... I can related as some are finicky when setting up on other devices. sometimes on both sides you would make sure that you have the same subnets listed, otherwise i like to just populate with the subnet groups from the objects list.
@zackgould6688
3 жыл бұрын
I've tried using both sides with the exact subnet (the way you would do it between any other VPNs) and the Fortinet USG VPN just doesn't seem to want to pass the traffic that way. That's why I always end up just doing a blanket 0.0.0.0/0. It's bizarre behavior, but it seems to work!
@jessebwells72
2 жыл бұрын
Very helpful.
@simonmoseby
2 жыл бұрын
Great Guide! Thanks!
@fzr69
3 жыл бұрын
Excellent! Thank you!
@KevC1973
3 жыл бұрын
In regards to the subnets on the Fortigate side, you create the vpn on the USG with dynamic routing disabled from the onset and it will work. Just don't ever try changing settings or it breaks, and you have to delete and redo it to get it working again. Also, the tunnel shows as down on the USG but traffic actually passes. Not a great fix but there if you need it.
@stephengarriques3835
3 жыл бұрын
If you turn off PFS you can put in the proper Local and Remote Address in Stage2 on the FortiGate
@hoangtruong7166
2 жыл бұрын
I was lost when 9:10, Cloud Subnet?
@SuperMarth345
Жыл бұрын
Can you please explain the Cloud Subnet that was just glossed over and not explained how to set up at all?
@nethfellearnspiano9655
3 жыл бұрын
Do you know if this will work with the USG double nat'd? We have a remote site that we connect to a local network for internet access, but we use our USG to isolate our equipment from theirs but would like to site to site it into our main facility that is running a fortigate.
@scotthensley9356
2 жыл бұрын
Where did you create phase 2 on usg? Static routes on usg? Firewall settings? Nat? Trying to connect to a Cisco Asa
@blupa_ch
3 жыл бұрын
Hi Zach Thank you very much for your video. Finally, I got the VPN up and running but I agree, the subnet configuration in the Fortigate FW makes no sense...strange behavior... Wish you a nice day.
@knockturnlabs4221
3 жыл бұрын
Glad you got it working!
@FAROOQAHMAD-vh3rz
Жыл бұрын
Hi Zach Where is Static Route on Unifi USG? is it required or not?
@billabongodysee
Жыл бұрын
Is there an updated version of this?
@JavierDiaz-zh2jo
3 жыл бұрын
Hey Guys , do I need to add the static route on the Unifi part too ?
@knockturnlabs4221
3 жыл бұрын
No. In the Networks portion of the VPN, go to: Advanced Options > Dynamic Routing > Click "Enable dynamic routing". This is basically telling the equipment to automatically add this route to the routing table whenever the VPN is UP. If you don't want to check this box, then you will have to manually add the static route.
@weistan5884
3 жыл бұрын
I appreciate it .I'll subscribe your channel and hope you can share more video about this
@patoagm84
3 жыл бұрын
Hello, thanks for share your video! i need to do it in a few days, but i have some questions. Be possible get access only to a network at USG? in my case, i need to shared my CPD with one of my clients, but they only need to get access through IpSec from their Fortinet to our USG and only get ping with their server. I try to do a summary: Our USG: xxx.xxx.xxx.xxx Our network: 192.168.100.xxx Our client server: 10.101.252.33 Their Fortinet: yyy.yyy.yyy.yyy Their network: 10.101.252.32/28 Maybe to do this it's necessary that uncheck Enable Dynamic Routing and do something? Thank you very much and sorry for my English!
@davidkim4819
2 жыл бұрын
Great guide and very helpful. Helped me fix a broken setup, thank you! BTW could you clarify when to specify xx.xx.xx.0/23 vs /24? I am thinking it has something to do with prevent broadcast packets from crossing, and not sure how sensitive the setup is to this. Thank you.
Пікірлер: 23