Home
Join

7 Replies

  • The client you're looking for is called Azure VPN Client.

    Here is a link to the download and setup. https://learn.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-clientOpens a new window

    Was this post helpful? thumb_up thumb_down
  • You wouldn't use FortiClient by the way. You would use Azure VPN Client preferably.

    1 found this helpful thumb_up thumb_down
  • I know I can use the Azure client ... I wanted to know if I can use Forticlient.  With Forticlient, I can push VPN configs from a central console.  And I don't have to deal with maintaining multiple software titles client-side.  And there is the issue of what happens if the user tries to connect to both the Azure P2S and my on-premises VPN simultaneously.  Azure is just using IPSec ... seems I should be able to set up IPSec in Forticlient, no?  But IPSec has a LOT of settings and if any one of them is off the connection will fail. 

    Was this post helpful? thumb_up thumb_down
  • You'd want to put a FortiGate in Azure if you want this functionality. 

    Also why couldn't they just VPN to the on prem FortiGate, then traverse the IPsec tunnel to Azure?

    Was this post helpful? thumb_up thumb_down
  • Chris A. Smith wrote:

    I wanted to know if I can use Forticlient. 

    No, it won't work the way you want it to. You would need to deploy a FortiGate NVA in Azure (Network Virtual Appliance, a virtual firewall appliance/virtual machine).

    Was this post helpful? thumb_up thumb_down
  • If they already VPN into the on-prem site, then establish routing back to Azure from on-prem.  That'll keep the user experience consistent as well, so when they are connected to the network through VPN it'll behave same way as when they're in the office.

      T

    Was this post helpful? thumb_up thumb_down
  • Jim8384 wrote:

    You'd want to put a FortiGate in Azure if you want this functionality. 

    Also why couldn't they just VPN to the on prem FortiGate, then traverse the IPsec tunnel to Azure?

    I guess my thinking is that running through my on-prem network will just add unneeded latency.  Azure is a big, well-connected, distributed cloud service and I expect that a VPN connection from (say) home to Azure is going to be faster and more stable than one to my on-prem Fortigate.  Further, as I'm planning to migrate my on-prem workloads to Azure soon, as more of the workloads move up in to the cloud it wil increasing make less sense to route via on-prem.  (More likely, everyone will VPN to the Azure VPC and traffic will get redirected from there to on-prem as needed.)  

    Was this post helpful? thumb_up thumb_down

Read these next...