Hi community
I have a problem with a non-Meraki VPN vs. Fortinet.
I need to pass only an IP to match with the Forti, but Meraki only allows passing subnets, not IPs, and I don't know how to fix that.
Regards
Pass the entire subnet, then set up a site-to-site VPN firewall rule to only allow traffic between the authorized IP addresses.
Note that it LOOKS like there's an inbound firewall section, but there's not. There's only outbound rules.
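The workaround in the reply above, sketched as an added example that is not part of the original post and is not Meraki or Fortinet code: the whole subnet goes over the tunnel, and an ordered outbound rule list narrows it to the authorized host pairs. The subnets, addresses, function names and the first-match rule model are all assumptions made for illustration.

```python
import ipaddress

def build_rules(local_subnet, remote_subnet, allowed_pairs):
    """Ordered outbound rules: allow each authorized (local, remote) host
    pair, then deny everything else between the tunnelled subnets."""
    local_net = ipaddress.ip_network(local_subnet)
    remote_net = ipaddress.ip_network(remote_subnet)
    rules = []
    for src, dst in allowed_pairs:
        # A pair outside the subnets the tunnel carries can never match
        # real traffic, so treat it as a configuration error.
        if ipaddress.ip_address(src) not in local_net:
            raise ValueError(f"{src} is not in local subnet {local_net}")
        if ipaddress.ip_address(dst) not in remote_net:
            raise ValueError(f"{dst} is not in remote subnet {remote_net}")
        # ip_network() on a bare address yields a single-host network.
        rules.append(("allow", ipaddress.ip_network(src), ipaddress.ip_network(dst)))
    # Explicit final deny so the rest of the advertised subnet is blocked.
    rules.append(("deny", local_net, remote_net))
    return rules

def evaluate(rules, src, dst):
    """First match wins (assumed model). Only traffic leaving the local
    side is checked, mirroring the outbound-only rules noted above."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in rules:
        if s in src_net and d in dst_net:
            return action
    return "no-match"

# Constructed sample values, not taken from the thread.
LOCAL = "192.168.10.0/24"    # subnet the Meraki side passes in full
REMOTE = "10.20.0.0/24"      # subnet behind the Fortinet side
PAIRS = [("192.168.10.50", "10.20.0.5")]

if __name__ == "__main__":
    rules = build_rules(LOCAL, REMOTE, PAIRS)
    for flow in [("192.168.10.50", "10.20.0.5"),
                 ("192.168.10.51", "10.20.0.5"),
                 ("192.168.10.50", "10.20.0.6")]:
        print(flow, "->", evaluate(rules, *flow))
```
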
Hi dear Nash.
Thanks for your request, but the problem is with the Fortinet, because it has not changed this; it sends only an IP, not a subnet.
The Fortinet will need to send the full subnet in order for the tunnel to come up. Sorry. 😕 It's a real bummer, and not as secure/granular as I would like.
Hi Nash.
Thanks for all.
I'll call Fortinet.
What do you mean by "only an IP"? You can set up tunnels with (one or multiple) /32 subnets, which are a single IP?
@BrechtSchamp The Meraki end will send its full subnet, won't it? Remote end can totally be a /32.
I think I was assuming that @ocuevas wanted to send only a single /32 IP from the Meraki end to the Fortigate end.
Ah yes I see. I forgot that the local subnet isn't specified in the configuration but rather automatically used.
I would contact Fortinet and ask them what they would suggest.