Fiber upgrade

Question

So I have something that I thought was going to be simple but has turned out to be something not so simple. I am probably just overlooking something.

I have three schools that are currently connected via an MPLS circuit provided by our ISP. They are configured in a hub and spoke type configuration. We have recently had the three schools connected with a point to point fiber provided by our ISP, still in that hub and spoke configuration. So here is my scenario:

I will call the schools A, B, and C

All three schools have fortigates, school A has a 600C the other two are 100D.

School A is the hub it is also where the other two schools go to get their internet access.

Each school also has its own separate IP range, School A is 10.10.0.0, School B is 10.11.0.0, and school C is 10.12.0.0

I can assign IP addresses to the fiber ports on the Fortigate's and ping across the fiber to each other no problem, but when I try pinging with a client I get no such joy.

I have assigned the first fiber port as follows School A 10.130.0.1 to school B which is 10.130.0.2

School A second fiber port 10.131.0.1 to school C fiber port 10.131.0.2

I set up Policy routing for all these ports and then configured my policies to allow all traffic across.

I thought with this being a point to point it would be so simple, guess not at least for a Fortigate novice anyway.

Any help with this will be much appreciated. I know I am going to feel stupid after someone tells me how simple this is.

TIA

Toshi_Esumi · Answer

What is NOT working? You didn't described the most important thing for troubleshooting? School B and C can't get to the internet? Or they can't connect each others?

I'm not sure why you need policy routes but first you need to check routing-table at all FGTs to see if they have proper routes to reach wherever they need to get to.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded