{"id":194,"date":"2020-08-18T17:57:41","date_gmt":"2020-08-18T20:57:41","guid":{"rendered":"http:\/\/vbrain.com.br\/?p=194"},"modified":"2020-08-18T18:31:09","modified_gmt":"2020-08-18T21:31:09","slug":"estabelecendo-um-tunel-vpn-ipsec-entre-um-vpc-aws-e-fortinet-fortigate-on-premises","status":"publish","type":"post","link":"http:\/\/vbrain.com.br\/index.php\/2020\/08\/18\/estabelecendo-um-tunel-vpn-ipsec-entre-um-vpc-aws-e-fortinet-fortigate-on-premises\/","title":{"rendered":"Establishing an IPSec VPN Tunnel between an AWS VPC and a Fortinet Fortigate (on premises)"},"content":{"rendered":"<p>Well folks, first of all, I would like to thank Pedro Calixto from the blog (<a href=\"https:\/\/pedrocalixto.com\/\">https:\/\/pedrocalixto.com\/<\/a>) and Valdecir from (<a href=\"https:\/\/homelaber.com.br\/\">https:\/\/homelaber.com.br\/<\/a>), who in a way encouraged me to write this post. Configuring VPN tunnels with AWS is not something routine in my work, which made me dedicate some time to configuring it in my lab environment and, consequently, learning more.<\/p>\n<p><strong>Before anything else, to replicate this lab, we will need:<\/strong><\/p>\n<ul>\n<li>An AWS environment with at least one EC2 instance (Windows or Linux) running.<\/li>\n<li>A physical Fortinet Fortigate (it can have an expired license) or a FortiVM (virtual) with a valid license. This is because a FortiVM with the trial license only offers <strong>DES<\/strong> encryption, while AWS VPCs only use <strong>AES<\/strong>.<\/li>\n<li>EC2 instance, subnet, routing, etc. working within the AWS environment (I will write a future post covering these topics).<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>For this lab, the proposed topology is the following:<\/p>\n<p id=\"ecNMmMo\"><a href=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c25841be50.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone 
wp-image-195 size-full\" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c25841be50.png\" alt=\"\" width=\"928\" height=\"505\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c25841be50.png 928w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c25841be50-300x163.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c25841be50-768x418.png 768w\" sizes=\"auto, (max-width: 928px) 100vw, 928px\" \/><\/a><\/p>\n<p>In this case, the on-premises environment has a Fortigate connected to the Internet Router, and this Fortigate has the network 192.168.1.0\/24 on its LAN. On the other side, we have the AWS cloud environment with a subnet 172.31.0.0\/16 attached to a VPC, which is also attached to a Virtual Private Gateway so that the VPN tunnel can be established.<\/p>\n<p>For more information on what a VPC is, etc., see https:\/\/docs.aws.amazon.com\/pt_br\/vpc\/latest\/userguide\/what-is-amazon-vpc.html<\/p>\n<p>An Ubuntu EC2 instance was also deployed for testing and attached to the subnet.<\/p>\n<p id=\"bCXEBcI\"><img loading=\"lazy\" decoding=\"async\" width=\"1499\" height=\"301\" class=\"alignnone size-full wp-image-197 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2be7a2818.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2be7a2818.png 1499w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2be7a2818-300x60.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2be7a2818-1024x206.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2be7a2818-768x154.png 768w\" sizes=\"auto, (max-width: 1499px) 100vw, 1499px\" \/><\/p>\n<p>&nbsp;<\/p>\n<h3>Configuration in the AWS environment<\/h3>\n<p>In the <strong>VPCs<\/strong> panel, click <strong>Your VPCs<\/strong> and make sure your VPC is listed. 
A VPC is created automatically at the moment an EC2 instance is created.<\/p>\n<p id=\"qmenyhb\"><img loading=\"lazy\" decoding=\"async\" width=\"1620\" height=\"360\" class=\"alignnone size-full wp-image-198 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2d3e686f3.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2d3e686f3.png 1620w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2d3e686f3-300x67.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2d3e686f3-1024x228.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2d3e686f3-768x171.png 768w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2d3e686f3-1536x341.png 1536w\" sizes=\"auto, (max-width: 1620px) 100vw, 1620px\" \/><\/p>\n<p>Under <strong>Customer Gateways<\/strong>, we will configure the information for our Fortigate, such as the public IP.<\/p>\n<p id=\"AkrYiQJ\"><img loading=\"lazy\" decoding=\"async\" width=\"1124\" height=\"586\" class=\"alignnone size-full wp-image-201 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2f7cb9a58.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2f7cb9a58.png 1124w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2f7cb9a58-300x156.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2f7cb9a58-1024x534.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c2f7cb9a58-768x400.png 768w\" sizes=\"auto, (max-width: 1124px) 100vw, 1124px\" \/><\/p>\n<p>When you click <strong>Create Customer Gateway<\/strong>, some information will be requested.<\/p>\n<p id=\"UEabHQy\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-202 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c30493adc3.png\" alt=\"\" width=\"993\" height=\"392\" 
srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c30493adc3.png 1309w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c30493adc3-300x118.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c30493adc3-1024x404.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c30493adc3-768x303.png 768w\" sizes=\"auto, (max-width: 993px) 100vw, 993px\" \/><\/p>\n<p>Configure only a <strong>Name<\/strong> and the <strong>public IP<\/strong> of the Fortigate, or of the internet router if you are using a connection behind NAT.<\/p>\n<p>Now, under <strong>Virtual Private Gateway<\/strong>, create a new VPG. In my case, and I believe this is the case for most people, the ASN used will be AWS's own; in that case, just define a TAG-ID for this VPG.<\/p>\n<p id=\"RsgnwKR\"><a href=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c31a9cc5a0.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-204 size-full\" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c31a9cc5a0.png\" alt=\"\" width=\"1336\" height=\"462\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c31a9cc5a0.png 1336w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c31a9cc5a0-300x104.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c31a9cc5a0-1024x354.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c31a9cc5a0-768x266.png 768w\" sizes=\"auto, (max-width: 1336px) 100vw, 1336px\" \/><\/a><\/p>\n<p>After creating the new VPG, select it and click <strong>Actions<\/strong>, then <strong>Attach to VPC<\/strong>. In my case the option is unavailable because I had already done the attach.<\/p>\n<p>&nbsp;<\/p>\n<p id=\"BIYXUQC\"><img loading=\"lazy\" decoding=\"async\" width=\"1100\" height=\"145\" class=\"alignnone size-full wp-image-205 \" 
src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c323fbc2b5.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c323fbc2b5.png 1100w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c323fbc2b5-300x40.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c323fbc2b5-1024x135.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c323fbc2b5-768x101.png 768w\" sizes=\"auto, (max-width: 1100px) 100vw, 1100px\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>Now, under <strong>Site-to-Site VPN Connections<\/strong>, click <strong>Create VPN Connection<\/strong>.<\/p>\n<p id=\"fRSmpwE\"><img loading=\"lazy\" decoding=\"async\" width=\"2157\" height=\"587\" class=\"alignnone size-full wp-image-206 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c334b92ddb.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c334b92ddb.png 2157w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c334b92ddb-300x82.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c334b92ddb-1024x279.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c334b92ddb-768x209.png 768w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c334b92ddb-1536x418.png 1536w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c334b92ddb-2048x557.png 2048w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c334b92ddb-1920x523.png 1920w\" sizes=\"auto, (max-width: 2157px) 100vw, 2157px\" \/><\/p>\n<p>The following screen will open with the options for configuring the VPN:<\/p>\n<p id=\"DUvowhy\"><img loading=\"lazy\" decoding=\"async\" width=\"1198\" height=\"590\" class=\"alignnone size-full wp-image-207 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3455aa820.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3455aa820.png 
1198w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3455aa820-300x148.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3455aa820-1024x504.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3455aa820-768x378.png 768w\" sizes=\"auto, (max-width: 1198px) 100vw, 1198px\" \/><\/p>\n<p>Basically, the only information we have to configure is a name for this VPN, since under <strong>Virtual Private Gateway<\/strong> and <strong>Customer Gateway ID<\/strong> we will choose the VPG and the Gateway configured in the previous steps.<\/p>\n<p>After the VPN is created, click <strong>Download Configuration<\/strong> and choose one of the available <strong>Vendor<\/strong> options. A <strong>TXT<\/strong> file will be downloaded with the VPN information, such as key, hash, encryption mode, etc., which will be used in the configuration on the Fortigate side.<\/p>\n<p id=\"yucWArd\"><a href=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c38d0b2beb.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-210 size-full\" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c38d0b2beb.png\" alt=\"\" width=\"2118\" height=\"753\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c38d0b2beb.png 2118w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c38d0b2beb-300x107.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c38d0b2beb-1024x364.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c38d0b2beb-768x273.png 768w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c38d0b2beb-1536x546.png 1536w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c38d0b2beb-2048x728.png 2048w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c38d0b2beb-1920x683.png 1920w\" sizes=\"auto, (max-width: 
2118px) 100vw, 2118px\" \/><\/a><\/p>\n<h3>VPN configuration on the Fortigate<\/h3>\n<p>After logging in to the Fortigate, click <strong>IPsec Tunnels<\/strong> and then <strong>Create New<\/strong>:<\/p>\n<p id=\"SFmCRSI\"><img loading=\"lazy\" decoding=\"async\" width=\"904\" height=\"405\" class=\"alignnone size-full wp-image-208 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c37220a22f.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c37220a22f.png 904w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c37220a22f-300x134.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c37220a22f-768x344.png 768w\" sizes=\"auto, (max-width: 904px) 100vw, 904px\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>Now, define a name for this connection and choose the Cisco option under <strong>Remote Device Type<\/strong> (don't worry, we will customize this connection later).<\/p>\n<p><strong>IMPORTANT: also choose whether or not the Fortigate is behind a router performing NAT. By choosing the option &#8220;This site is behind NAT&#8221;, you are indicating that you will use NAT-T on this connection. If you do not know what NAT-T is, see this <a href=\"http:\/\/vbrain.com.br\/index.php\/2020\/08\/12\/nat-traversal-nat-t-e-sua-importancia-em-tuneis-vpn-ipsec\/\">post<\/a><\/strong><\/p>\n<p id=\"rrjgQXT\"><img loading=\"lazy\" decoding=\"async\" width=\"1664\" height=\"333\" class=\"alignnone size-full wp-image-209 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c378816ce1.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c378816ce1.png 1664w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c378816ce1-300x60.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c378816ce1-1024x205.png 1024w, 
http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c378816ce1-768x154.png 768w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c378816ce1-1536x307.png 1536w\" sizes=\"auto, (max-width: 1664px) 100vw, 1664px\" \/><\/p>\n<p>Click <strong>Next<\/strong>.<\/p>\n<p>Now a screen will be presented with the AWS <strong>public IP<\/strong> information, the <strong>WAN<\/strong> interface that will be used for this connection and also the <strong>Pre-shared key<\/strong>. The AWS-side IP and the key are in the <strong>TXT<\/strong> file that was downloaded.<\/p>\n<p id=\"iLnvpbo\"><img loading=\"lazy\" decoding=\"async\" width=\"1648\" height=\"340\" class=\"alignnone size-full wp-image-212 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c396e6987a.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c396e6987a.png 1648w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c396e6987a-300x62.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c396e6987a-1024x211.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c396e6987a-768x158.png 768w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c396e6987a-1536x317.png 1536w\" sizes=\"auto, (max-width: 1648px) 100vw, 1648px\" \/><\/p>\n<p>When you open the <strong>TXT<\/strong>, this information is right at the beginning of the file.<\/p>\n<p id=\"spIQAfY\"><img loading=\"lazy\" decoding=\"async\" width=\"805\" height=\"157\" class=\"alignnone size-full wp-image-213 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ad2decbc.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ad2decbc.png 805w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ad2decbc-300x59.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ad2decbc-768x150.png 768w\" 
sizes=\"auto, (max-width: 805px) 100vw, 805px\" \/><\/p>\n<p>Click <strong>Next<\/strong> again.<\/p>\n<p>Now define which is the Fortigate's local interface, in this case the <strong>LAN<\/strong>, and also enter the <strong>Remote Subnets on the AWS side<\/strong>.<\/p>\n<p id=\"clcFrZB\"><img loading=\"lazy\" decoding=\"async\" width=\"1008\" height=\"223\" class=\"alignnone size-full wp-image-214 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3b5d2b9d0.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3b5d2b9d0.png 1008w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3b5d2b9d0-300x66.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3b5d2b9d0-768x170.png 768w\" sizes=\"auto, (max-width: 1008px) 100vw, 1008px\" \/><\/p>\n<p>After creating the tunnel, click <strong>Show Tunnel List<\/strong> and then <strong>Edit<\/strong> the tunnel you created.<\/p>\n<p>On the tunnel edit screen, click <strong>Convert To Custom Tunnel<\/strong>.<\/p>\n<p id=\"jSxbyzC\"><img loading=\"lazy\" decoding=\"async\" width=\"963\" height=\"122\" class=\"alignnone size-full wp-image-216 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ccc0ee55.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ccc0ee55.png 963w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ccc0ee55-300x38.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ccc0ee55-768x97.png 768w\" sizes=\"auto, (max-width: 963px) 100vw, 963px\" \/><\/p>\n<p>When you click <strong>Convert To Custom Tunnel<\/strong>, the customization options will be enabled. Then click <strong>Edit<\/strong> under <strong>Phase 1 Proposal<\/strong>. 
Once again, open the <strong>TXT<\/strong> downloaded earlier; the information is right after the line <strong>Phase 1<\/strong><\/p>\n<p>TXT provided by AWS:<\/p>\n<p id=\"WdhDskM\"><img loading=\"lazy\" decoding=\"async\" width=\"481\" height=\"77\" class=\"alignnone size-full wp-image-218 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3e9722f56.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3e9722f56.png 481w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3e9722f56-300x48.png 300w\" sizes=\"auto, (max-width: 481px) 100vw, 481px\" \/><\/p>\n<p>Phase 1 configuration on the Fortigate<\/p>\n<p id=\"QQpkjJR\"><img loading=\"lazy\" decoding=\"async\" width=\"642\" height=\"203\" class=\"alignnone size-full wp-image-217 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3dc7965f4.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3dc7965f4.png 642w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3dc7965f4-300x95.png 300w\" sizes=\"auto, (max-width: 642px) 100vw, 642px\" \/><\/p>\n<p>Under <strong>Phase 2<\/strong>, click <strong>Advanced&#8230;<\/strong> and, again, configure as described in the TXT.<\/p>\n<p id=\"HKLkILa\"><img loading=\"lazy\" decoding=\"async\" width=\"608\" height=\"654\" class=\"alignnone size-full wp-image-219 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3f0444ee7.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3f0444ee7.png 608w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3f0444ee7-279x300.png 279w\" sizes=\"auto, (max-width: 608px) 100vw, 608px\" \/><\/p>\n<p>Once the VPN configuration process is complete, click <strong>Monitor<\/strong> in the menu and then <strong>IPSEC Monitor<\/strong>, right-click the VPN you created and click <strong>Bring UP<\/strong>.<\/p>\n<p id=\"XjFTlYq\"><img loading=\"lazy\" decoding=\"async\" width=\"1477\" 
height=\"543\" class=\"alignnone size-full wp-image-220 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ff816c6f.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ff816c6f.png 1477w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ff816c6f-300x110.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ff816c6f-1024x376.png 1024w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c3ff816c6f-768x282.png 768w\" sizes=\"auto, (max-width: 1477px) 100vw, 1477px\" \/><\/p>\n<p>Wait a few seconds and the connection should appear as <strong>UP<\/strong>.<\/p>\n<p id=\"qgfHKDM\"><img loading=\"lazy\" decoding=\"async\" width=\"806\" height=\"72\" class=\"alignnone size-full wp-image-221 \" src=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c405421709.png\" alt=\"\" srcset=\"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c405421709.png 806w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c405421709-300x27.png 300w, http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/img_5f3c405421709-768x69.png 768w\" sizes=\"auto, (max-width: 806px) 100vw, 806px\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>That's it for now, folks. In the next post we will cover in more detail the routing questions within the AWS environment and the Fortigate for communication between the two <strong>LANs<\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Well folks, first of all, I would like to thank Pedro Calixto from the blog (https:\/\/pedrocalixto.com\/) and Valdecir from (https:\/\/homelaber.com.br\/), who in a way encouraged me to write this post. Configuring 
tunnels&hellip;<\/p>\n","protected":false},"author":1,"featured_media":223,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[5],"tags":[],"class_list":["post-194","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-fortinet"],"jetpack_featured_media_url":"http:\/\/vbrain.com.br\/wp-content\/uploads\/2020\/08\/aws1-1.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/posts\/194","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/comments?post=194"}],"version-history":[{"count":11,"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/posts\/194\/revisions"}],"predecessor-version":[{"id":233,"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/posts\/194\/revisions\/233"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/media\/223"}],"wp:attachment":[{"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/media?parent=194"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/categories?post=194"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/vbrain.com.br\/index.php\/wp-json\/wp\/v2\/tags?post=194"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}