Community discussions

MikroTik App
 
St3v3
just joined
Topic Author
Posts: 3
Joined: Wed Jun 01, 2022 7:32 pm

VXLAN over IPSEC between a Fortigate 40F and a 4011

Tue May 02, 2023 9:14 pm

Hi Community,

I tried in my lab for the moment to use VXLAN over IPSEC between a 4011 and a Fortigate 40F.
This is the result:
1) Without IPSEC, VXLAN works > I enabled a DHCP server on the Mikrotik and plug a laptop on the Fortigate and it takes an IP
2) IPSEC between the 4011 and the Fortigate works
3) VXLAN+IPSEC doesn't work

About Fortinet, there are two differents configurations who are available,
-one with a VXLAN encryption in the phase 1 of IPSEC tunnel https://community.fortinet.com/t5/Forti ... a-p/191207 ( I think is not compatible with Mikrotik)
- an other without the encryption https://community.fortinet.com/t5/Forti ... a-p/195488

I tried the both for the same result.

My first question is, someone has already use this type of configuration ? is it possible or compatible ?
If yes I will share the Mikrotik's and Fortigate's configuration. Maybe one of you will see my mistake

Thank you for your help
 
cbka
just joined
Posts: 19
Joined: Fri Dec 15, 2017 12:07 pm
Location: germany
Contact:

Re: VXLAN over IPSEC between a Fortigate 40F and a 4011

Sat Oct 07, 2023 11:02 am

Send nudes ...ahm config
 
cbka
just joined
Posts: 19
Joined: Fri Dec 15, 2017 12:07 pm
Location: germany
Contact:

Re: VXLAN over IPSEC between a Fortigate 40F and a 4011

Sat Oct 07, 2023 11:05 am

Fortinet builds vxlan tunnel for fex in lan mode . There are some config examples for that . Maybe you can check those ... there is an isec tunnel established with an IP address on tunnel interface on each side. Vxlan endpoint ist than mapped to these interfaces' IP addresses

Cheers

Who is online

Users browsing this forum: Google [Bot] and 32 guests