rolo
New Member
November 9, 2020
Question

IPsec Between Fortinet and Mikrotik

  • November 9, 2020
  • 1 reply
  • 12047 views

Hello, I don't have much experience with this stuff and have a little problem; if anyone can help me, it would be great. I have a FortiGate 40F on one side and a MikroTik 2011 on the other side. I managed to build IPsec between those two, and the IPsec is up.

But there is a problem: I can't ping or get any kind of connection between those two networks. On the MikroTik I have the 192.168.1.0/24 network, and on the Fortinet side I have the 192.168.60.0/24 network on the LAN ports. If anyone can tell me what I should check to find the problem, that would help; I haven't much experience with FortiGate.

https://ibb.co/0rnHQxN https://ibb.co/JHwWsW8 https://ibb.co/kHKH6Lp https://ibb.co/XLPxgD9 https://ibb.co/ysgG7Dy https://ibb.co/L8vtmf7 https://ibb.co/q59nccM

1 reply

Toshi_Esumi
SuperUser
November 9, 2020

I don't see any particular problem on the 40F config, although I would remove the second static route for 192.168/16. But it shouldn't break anything even if it's there.

I would suspect the other side, but first sniff packets on the FGT while you ping from the FGT's local side toward the other side. You need to disable ASIC offloading (set auto-asic-offload disable) on both policies in the CLI to see all packets. Don't forget to re-enable it after you're done.


Jirka1
Explorer II
November 9, 2020

Hi, do you have a rule in NAT on the MikroTik that allows communication between the subnets? It must be placed in front of the global masquerade or NAT rule.


 /ip firewall nat add chain=srcnat src-address=192.168.1.0/24 dst-address=192.168.60.0/24 action=accept place-before=0


We operate 20+ IPsec tunnels between MikroTik and FGT, and they are rock stable.


Jirka
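The reply above says the accept rule must sit in front of the global masquerade, but does not spell out why. The model below is an added example and not code from the thread or from RouterOS: it simulates first-match evaluation of a srcnat chain (the way RouterOS and most firewalls process NAT rules) and shows that when the masquerade rule comes first, traffic for 192.168.60.0/24 leaves with the WAN address as its source and no longer matches the IPsec policy selector 192.168.1.0/24 -> 192.168.60.0/24, so it never enters the tunnel. The WAN address 203.0.113.10 and the host addresses are constructed values.

```python
"""Model of srcnat rule ordering in front of an IPsec policy.

Constructed example, not RouterOS or FortiOS code. Rules are evaluated
first-match, as in /ip firewall nat on RouterOS.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

WAN_IP = "203.0.113.10"  # constructed public address of the MikroTik WAN side


@dataclass(frozen=True)
class NatRule:
    """One srcnat rule; a missing src/dst means 'match any'."""
    action: str  # "accept" (no translation) or "masquerade"
    src: Optional[str] = None
    dst: Optional[str] = None

    def matches(self, src_ip: str, dst_ip: str) -> bool:
        if self.src and ip_address(src_ip) not in ip_network(self.src):
            return False
        if self.dst and ip_address(dst_ip) not in ip_network(self.dst):
            return False
        return True


def apply_srcnat(rules: List[NatRule], src_ip: str, dst_ip: str, wan_ip: str = WAN_IP) -> str:
    """Return the source address after the srcnat chain; the first match wins."""
    for rule in rules:
        if rule.matches(src_ip, dst_ip):
            return src_ip if rule.action == "accept" else wan_ip
    return src_ip  # nothing matched: RouterOS leaves the packet untouched


# IPsec phase 2 selector on the MikroTik side, as described in the thread.
IPSEC_LOCAL = ip_network("192.168.1.0/24")
IPSEC_REMOTE = ip_network("192.168.60.0/24")


def ipsec_policy_matches(src_ip: str, dst_ip: str) -> bool:
    """The policy is matched against the packet *after* srcnat has run."""
    return ip_address(src_ip) in IPSEC_LOCAL and ip_address(dst_ip) in IPSEC_REMOTE


def check_tunnel_traffic(rules: List[NatRule], src_ip: str = "192.168.1.10",
                         dst_ip: str = "192.168.60.10") -> Tuple[str, bool]:
    """Return (post-NAT source address, whether the packet still enters the tunnel)."""
    translated = apply_srcnat(rules, src_ip, dst_ip)
    return translated, ipsec_policy_matches(translated, dst_ip)


ACCEPT_TUNNEL = NatRule("accept", src="192.168.1.0/24", dst="192.168.60.0/24")
MASQUERADE_ALL = NatRule("masquerade")  # the usual global masquerade rule

CORRECT_ORDER = [ACCEPT_TUNNEL, MASQUERADE_ALL]  # accept placed before masquerade
WRONG_ORDER = [MASQUERADE_ALL, ACCEPT_TUNNEL]    # accept rule never reached

if __name__ == "__main__":
    for name, rules in (("accept first", CORRECT_ORDER), ("masquerade first", WRONG_ORDER)):
        src_after, in_tunnel = check_tunnel_traffic(rules)
        print(f"{name:16s} source after srcnat={src_after:15s} enters IPsec tunnel={in_tunnel}")
    # Internet-bound traffic is still masqueraded with the correct order.
    print("to internet      ", check_tunnel_traffic(CORRECT_ORDER, dst_ip="198.51.100.5"))
```

This is also what the packet sniffing suggested earlier in the thread reveals: with the wrong ordering, a capture on the MikroTik WAN side shows the pings leaving in clear with the WAN address as source instead of being encapsulated in ESP.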

rolo
Author
New Member
November 9, 2020

Hi, thanks for replying to me. Yes, I've created that rule too on the MikroTik side; I think it should be like that.