Verifying IPsec VPN tunnels on the hub FortiGate

On a spoke, verify the IPsec tunnel back to the hub by going to Dashboard > Network and clicking on the IPsec widget to expand it:

There are two IPsec tunnels established with fabric_vpn_1_0 and fabric_vpn_1_1 and two IPsec tunnels established with fabric_vpn_2_0 and fabric_vpn_2_1 with <tunnel name>_0 and <tunnel name>_1 indicating the relative order in which these tunnels were established:

Tunnel name	Description
fabric_vpn_1_0	VPN tunnel listening on hub’s WAN1 incoming interface, established with spoke 1 using its WAN1 interface
fabric_vpn_1_1	VPN tunnel listening on hub’s WAN1 incoming interface, established with spoke 2 using its WAN1 interface
fabric_vpn_2_0	VPN tunnel listening on hub’s WAN2 incoming interface, established with spoke 1 using its WAN2 interface
fabric_vpn_2_1	VPN tunnel listening on hub’s WAN2 incoming interface, established with spoke 2 using its WAN2 interface

Verifying IPsec VPN tunnels on the hub FortiGate

On a spoke, verify the IPsec tunnel back to the hub by going to Dashboard > Network and clicking on the IPsec widget to expand it:

Tunnel name

Description

fabric_vpn_1_0

VPN tunnel listening on hub’s WAN1 incoming interface, established with spoke 1 using its WAN1 interface

fabric_vpn_1_1

VPN tunnel listening on hub’s WAN1 incoming interface, established with spoke 2 using its WAN1 interface

fabric_vpn_2_0

VPN tunnel listening on hub’s WAN2 incoming interface, established with spoke 1 using its WAN2 interface

fabric_vpn_2_1

VPN tunnel listening on hub’s WAN2 incoming interface, established with spoke 2 using its WAN2 interface

NGFW to SPA Hub Conversion Using Fabric Overlay Orchestrator

Verifying IPsec VPN tunnels on the hub FortiGate

Verifying IPsec VPN tunnels on the hub FortiGate

Verifying IPsec VPN tunnels on the hub FortiGate