Description: You can securely connect your Fortigate firewall to CloudConnexa using the IPSec tunneling protocol to route traffic between your network and CloudConnexa-connected resources.
Prerequisites
- A FortiGate device with IPSec VPN capabilities.
- Access to your CloudConnexa account.
- Administrator access to configure VPN and routing on your FortiGate.
Step 1: Set up an IPSec connector in CloudConnexa
- Sign in to the CloudConnexa console.
- Click Networks > Networks.
- Click Add Network and choose Remote Access > Continue.
- Enter a name for your network.
- Select IPSec for the tunneling protocol.
- Choose the Region closest to your FortiGate network.
- Click Next.
- For Platform to Connect, select Other.
ClodConnexa will now generate IPSec parameters that you'll use to configure FortiGate.
Step 2: Configure FortiGate with CloudConnexa IPSec parameters
Using the parameters provided in the CloudConnexa configuration screen, create an IPSec VPN on the Fortigate device.
FortiGate Phase 1 (IKE Policy):
FortiGate Phase 2 (IPSec Policy):
Step 3: Add routes to CloudConnexa subnets
Add static or policy routes on your FortiGate to ensure traffic destined for CloudConnexa resources is sent through the tunnel.
Common subnets to route (default values shown):
- CloudConnexa WPC Subnet: 100.96.0.0/11
- CloudConnexa Domain Routing Subnet: 100.80.0.0/12
Adjust accordingly if you're using custom subnets in CloudConnexa.
Final Notes
- Ensure firewall policies allow traffic from your internal network to the CloudConnexa WPC subnet over the IPSec tunnel.
- If tunnel negotiation fails, check logs on both FortiGate and CloudConnexa.
- Ensure both tunnel sides use matching Phase 1 and Phase 2 parameters.
Comments
0 comments
Please sign in to leave a comment.