[Fortigate] Hub-and-spoke ADVPN using IPsec VPN wizard/Dynamically add spokes using autoconfig key
HTML-код
- Опубликовано: 4 окт 2024
- How to configure Hub-and-spoke ADVPN using IPsec VPN wizard
Auto-discovery Hub and spoke VPN with BGP as routing protocol
Add multiple spokes using the autoconfiguration key
Reference Topology: techtalksecuri...
================================
Please donate to support the channel:
UPI: techtalksecurity@axl
PayPal: sumitnick4@gmail.com
================================
![[Fortigate] Hub-and-Spoke VPN configuration](http://i.ytimg.com/vi/wBebPJrKFfE/mqdefault.jpg)
![Natanael Cano - Amor Eterno [Official Video]](http://i.ytimg.com/vi/EO4prCs6WpM/mqdefault.jpg)
Nice! This really helped me understand ADVPN. I love how you showed every step and that you didn't edit away mistakes, that way we also learned how to troubleshoot. Thanks man!
Thank you sir please do another one ad vpn with sd wan as well
Very nice and informative.
Also, What do I need to check if I'm unable to ping the HUB from the spokes in my scenario but spokes can able to ping each other. Also, my setup is slightly different as I'm using 2 WAN connections- Primary and Failover.
Nice! Thanks for the video. I believe you are using private Ip address 192.168 as you are within the premises. This will be same if we use the public Ip address. Please comment.
Yes
yes u can use public address also
no probleme
in my similar tapology in EVE NG home setup...spokes to spokes communication is not dynamically pinging while the spokes can talk to the hub bidirectionally.. I am figuring out why spokes are not pinging ?
take a debug to check what is causing the ping to fail
Very informative , in real time does it requires public ip to be on both hub and spoke site or only hub site is enough
public IP on hub and NAT-T enabled will also work
If I want to deny the traffic between spokes by default, how to do that?
The spoke only can communicate with the HUB
You can tune the policy to allow or deny the source or destination