In this article techbast will show you how to configure IPSec VPN Site to site between the Fortinet Firewall device and AWS.

Details of the diagram:

- The internet connection is connected at wan1 of the Fortinet Firewall device with IP 115.78.x.x.
- The LAN network of the Fortinet Firewall device is configured at Port 2 with IP 10.10.8.0/23 and has DHCP configured to allocate addresses to devices connected to it.
- In the AWS LAN, there is a Linux server with IP 172.31.42.255/20.

Based on the above diagram, we will configure IPSec VPN Site to site between Fortinet Firewall and AWS so that both LANs of the two parties can communicate with each other.

What to do:

- Download the VPN configuration file and collect the necessary information.
- Create profile for Local and Remote subnet.

Sign in to the AWS Portal site with an administrative account.

Select your VPC at Filter by VPC; this is the VPC you will use to configure IPSec VPN.

Go to VIRTUAL PRIVATE NETWORK (VPN) > Customer Gateways > click Create Customer Gateway.

Create Customer Gateways with the following parameters:

- IP Address: enter Fortinet’s WAN IP 115.78.x.x.

Go to VIRTUAL PRIVATE NETWORK > Virtual Private Gateways > click Create Virtual Private Gateway.

Create a Virtual Private Gateway with the following parameters:

Next we will add the newly created Virtual Private Gateways to the VPC. To add it, select the newly created Virtual Private Gateways > click Action > Attach to VPC. Select the VPC that we filtered at the Customer Gateways creation step and click Yes, Attach to complete. Virtual Private Network has been successfully added to VPC.

To create the VPN connection, go to VIRTUAL PRIVATE NETWORK (VPN) > Site-to-Site VPN Connection > click Create VPN Connection, with the following parameters:

- Target Gateway Type: select Virtual Private Gateway.
- Virtual Private Gateway *: select the Virtual Private Gateways you just created in the previous step.
- Customer Gateway ID *: select the Customer Gateway just created in the above step.
- Static IP Prefixes: enter Fortinet’s LAN subnet, 10.10.8.0/23.
- Remote IPv4 Network Cidr: enter the AWS local subnet, 172.31.32.0/20.

We need to create a static route to route the AWS subnet through the Virtual Gateway. To create it, go to VIRTUAL PRIVATE CLOUD > Route Tables > check the existing route tables > go to Route tab > click Edit Route > click Add route.

- Target: select the newly created Virtual Gateway.

Download the VPN configuration file and collect the necessary information.

After creating the VPN Connection, we will select the newly created VPN Connection and click Download Configuration.

Select the following information to download the configuration file:

When we open the configuration file we just downloaded, we will have the following information.

- Phase 1 and Phase 2 of the IPSec connection.
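As an added example (not from the original article), this Python check validates the two prefixes entered in the AWS steps before the tunnel is built: each must be a valid network address, they must not overlap, and a destination must match the expected route from the AWS side. The function names are this example's own, and the static route's destination is assumed to be the Fortinet LAN, which the page does not state.

```python
import ipaddress

# Values taken from the article; the names are this example's own.
FORTINET_LAN = "10.10.8.0/23"     # "Static IP Prefixes" on the VPN connection
AWS_SUBNET = "172.31.32.0/20"     # "Remote IPv4 Network Cidr"
AWS_LINUX_HOST = "172.31.42.255"  # Linux server on the AWS side


def check_selectors(onprem_cidr, aws_cidr):
    """Return a list of problems with the two tunnel prefixes (empty = OK)."""
    problems, nets = [], {}
    for side, cidr in (("on-prem", onprem_cidr), ("aws", aws_cidr)):
        try:
            # strict=True rejects a prefix with host bits set, e.g. 10.10.8.1/23
            nets[side] = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"{side}: {exc}")
    if len(nets) == 2 and nets["on-prem"].overlaps(nets["aws"]):
        problems.append("prefixes overlap: traffic cannot be routed unambiguously")
    return problems


def is_usable_host(ip, cidr):
    """True if ip is inside cidr and is not its network or broadcast address."""
    net = ipaddress.ip_network(cidr, strict=True)
    addr = ipaddress.ip_address(ip)
    return addr in net and addr not in (net.network_address, net.broadcast_address)


def next_hop_from_aws(dest_ip, onprem_cidr=FORTINET_LAN, aws_cidr=AWS_SUBNET):
    """Which route a packet leaving the AWS subnet would match for dest_ip.

    Assumption: the static route added in the route table has the Fortinet LAN
    as its destination and the Virtual Private Gateway as its target.
    """
    addr = ipaddress.ip_address(dest_ip)
    if addr in ipaddress.ip_network(aws_cidr):
        return "local"
    if addr in ipaddress.ip_network(onprem_cidr):
        return "virtual-private-gateway"
    return "not-in-tunnel"


if __name__ == "__main__":
    print(check_selectors(FORTINET_LAN, AWS_SUBNET))
    print(is_usable_host(AWS_LINUX_HOST, AWS_SUBNET))
    print(next_hop_from_aws("10.10.9.20"))
```

Note that 172.31.42.255 ends in .255 but is an ordinary host address in a /20; only 172.31.47.255 is the broadcast address of that subnet.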