
I’m a huge fan of Azure Stack and love to use it for many scenarios in my work/homelab. Often, I need to connect Azure Stack to other hardware/software within my lab. That is when I rely on Site to Site VPN solutions.

One thing I’m not a huge fan of in Azure Stack is the integrated VPN solution. I usually use third-party solutions like Fortigate. In this scenario I will show how to connect Azure Stack to an Intel NUC in my local network. I have configured a Fortigate VM in Azure Stack, and in my physical network there is one Fortigate 60D, and behind it is an Intel NUC with Windows Server 2016 installed. I would not recommend this scenario for a production environment that relies on an internet connection. In a production environment, security should be a bit beefier.

Lab setup

Azure Stack has public IP 192.168.102.32 that is going to the Fortigate VM. Behind the Fortigate VM is a small network of Windows Server 2016 VMs on the 172.20.2.0/24 subnet. The VM I want to have a connection to is on IP address 172.20.2.5/24.

I have a Fortigate 60D as a main router with public IP 10.10.9.102. Behind it is an Intel NUC which has Windows Server 2016 installed on it, and it is on IP address 192.168.40.5/24 (192.168.40.0/24 subnet).

I want the Azure Stack VM on IP address 172.20.2.5 to communicate with the Intel NUC behind the Fortigate 60D on IP 192.168.40.5 as if they are on the same network.

Ok, first we will set up the Fortigate VM on Azure Stack. This lab assumes you already have everything configured in your network and you just want to set up a Site to Site VPN.

I will give the name AStackMain to this site since it will simulate the Main Office.

NAT configuration – This site is behind NAT (this also works with the No NAT between sites option if you have all defaults within your local network)
Remote device type – FortiGate (I will be connecting to a Fortigate 60D)
Remote IP address – public IP address of the remote Fortigate device – for me it is 10.10.9.102
Outgoing interface – port1 (since it is the outside-facing port in my Fortigate setup)
Authentication method – Pre-shared key (enough for this occasion, but in the real world, certificates would be included). Type in a strong phrase and remember it, we will need it again in the setup on the Branch Office.

The last screen is about the local network on the main site and the branch site.

Local interface – port2 (you should select your LAN-facing interface)
Local subnets – 172.20.2.0/24 (that is the LAN subnet on my Azure Stack)
Remote subnets – 192.168.40.0/24 (that is the LAN subnet of the Intel NUC behind the Fortigate 60D)

OK – all is set on the Fortigate VM in Azure Stack. Here is how the created tunnel on Azure Stack (Main Site) looks.

Intel NUC (Branch Office)

The next part of the configuration will be done on the Fortigate 60D, which will act as the Branch Office for this scenario.
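A pre-flight check for the tunnel settings listed for the main site, as an added example that is not part of the original post: it verifies that each end's remote IP and remote subnet match the other end's public IP and local subnet, that the LANs do not overlap, and that both ends share one sufficiently long pre-shared key. The branch-side values (assumed to mirror the main site), the name Branch60D, the passphrase and the 20-character minimum are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

MIN_PSK_LEN = 20  # assumed lab minimum, not a FortiOS requirement


@dataclass
class TunnelEnd:
    name: str
    public_ip: str      # address the peer uses to reach this site
    remote_gw: str      # "Remote IP address" entered on this site
    local_subnet: str   # "Local subnets"
    remote_subnet: str  # "Remote subnets"
    psk: str


def check_pair(a, b):
    """Return a list of mismatches; an empty list means both ends mirror each other."""
    net, addr = ipaddress.ip_network, ipaddress.ip_address
    problems = []
    for x, y in ((a, b), (b, a)):
        if addr(x.remote_gw) != addr(y.public_ip):
            problems.append(f"{x.name}: remote IP {x.remote_gw} != {y.name} public IP {y.public_ip}")
        if net(x.remote_subnet) != net(y.local_subnet):
            problems.append(f"{x.name}: remote subnet {x.remote_subnet} != {y.name} local subnet {y.local_subnet}")
    if net(a.local_subnet).overlaps(net(b.local_subnet)):
        problems.append("local subnets overlap")
    if a.psk != b.psk:
        problems.append("pre-shared keys differ")
    elif len(a.psk) < MIN_PSK_LEN:
        problems.append(f"pre-shared key shorter than {MIN_PSK_LEN} characters")
    return problems


def crosses_tunnel(src, dst, end):
    """True if src is in end's local subnet and dst is in its remote subnet."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(end.local_subnet)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(end.remote_subnet))


PSK = "constructed-lab-passphrase-0001"  # constructed placeholder, never reuse
MAIN = TunnelEnd("AStackMain", "192.168.102.32", "10.10.9.102",
                 "172.20.2.0/24", "192.168.40.0/24", PSK)
# Branch values are assumed to mirror the main site; "Branch60D" is a made-up name.
BRANCH = TunnelEnd("Branch60D", "10.10.9.102", "192.168.102.32",
                   "192.168.40.0/24", "172.20.2.0/24", PSK)

if __name__ == "__main__":
    print(check_pair(MAIN, BRANCH) or "both ends mirror each other")
    print(crosses_tunnel("172.20.2.5", "192.168.40.5", MAIN))
```

A remote subnet entered wider or narrower on one side than the other side's local subnet shows up as a mismatch here before either tunnel is created.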
