You created your first website, which uses just one web server in AWS. This site is a hosted service for your client.
To let them access this server, you created a VPN gateway in your VPC, and your clients told you they configured their Fortigate to connect to your VPN gateway.
However, your clients are still not able to connect to your server.
In this quiz, you can assume the AWS configuration is correct. I used Fortigate on AWS to emulate the scenario, but you should be able to apply the same technique to an on-premises Fortigate.
Spot the misconfiguration on Fortigate.
[Fortigate] VPN Interfaces
[Fortigate] Security Policies
[Fortigate] Routing Monitor
[Fortigate] IPSec Monitor
Terraform configuration file (download)
You have two options in AWS for routing traffic over a VPN Gateway connection:
- Static route
- BGP advertisement
To use BGP advertisement, you need to specify on the Fortigate which subnets you want it to advertise to the AWS side.
In this case, configure Fortigate to advertise 10.0.0.0/24:
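As an added example (not part of the original quiz or its Terraform file), this is the FortiOS CLI form of that advertisement, followed by the commands used to confirm the prefix is actually being sent. Only the 10.0.0.0/24 prefix comes from the quiz; the local AS 65000, the router-id 10.0.0.1, the AWS-side AS 64512 (the default ASN of an AWS virtual private gateway) and the inside-tunnel neighbor address 169.254.10.1 are assumed placeholders that must be replaced with the values from your own VPN connection configuration.

```fortios
# Added example: advertise the Fortigate-side network 10.0.0.0/24 to the AWS VPN gateway over BGP.
# Assumed values: local AS 65000, router-id 10.0.0.1, AWS VGW AS 64512 (AWS default),
# neighbor 169.254.10.1 (the inside tunnel address AWS assigns to its end of tunnel 1).
config router bgp
    set as 65000
    set router-id 10.0.0.1
    config neighbor
        edit "169.254.10.1"
            set remote-as 64512
        next
    end
    # The piece the quiz is about: without a "config network" entry the session comes up
    # but the Fortigate advertises nothing, so AWS never learns a route back to the client.
    config network
        edit 1
            set prefix 10.0.0.0 255.255.255.0
        next
    end
end

# Verification: the session should show Established with a non-zero prefix count,
# and 10.0.0.0/24 should appear in the routes advertised to the AWS neighbor.
get router info bgp summary
get router info bgp neighbors 169.254.10.1 advertised-routes
```

One caveat worth checking against the Routing Monitor screenshot: FortiOS only advertises a `config network` prefix when that prefix is present in its own routing table (the `network-import-check` setting under `config router bgp`, enabled by default). If 10.0.0.0/24 is neither a connected interface network nor covered by a static route on the Fortigate, the advertisement is silently suppressed even though the configuration above looks complete.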