IP passthrough Swisscom Centro Business 3.0
Good morning everyone,
I need to connect a Fortigate firewall to the Swisscom router Centro Business 3.0 to allow the operation of an SSL VPN for remote users and an IPsec VPN for the site2site connection with another location.
From what I understand, it would be necessary to:
a) create a DMZ on the router with the Fortigate as the destination. However, there does not appear to be the possibility of enabling the DMZ (the only reference is "DMZ firewall rules > not available")
or
b) create port forwarding rules on the router towards the firewall interface/port. Unfortunately it is only possible to do this for TCP/UDP ports and not for specific protocols (like ESP for encrypted traffic).
However, I saw that it is possible to enable “IP passthrough”.
By enabling this option and leaving the Fortigate interface in DHCP, I assume it should receive the public address (I don’t know if it is dynamic or static) while the Centro Business should continue to take care of authentication and act as a “modem”, in a sort of bridge mode. Correct? Are there other options?
Unfortunately I don’t have the opportunity to physically test until the day of installation.
A thousand thanks!