Contributor
July 13, 2011
Question

reverse path check fail, drop

Dears, I try to connect to my Fortigate but I cannot. When I check the logs I can see: reverse path check fail, drop. I can join it from another WAN IP btw. In the Administrators, the IP is correctly added. What's wrong? Thank you in advance, Vincent.

    7 replies

    ede_pfau
    SuperUser
    July 13, 2011
    This usually means that the FGT has no route back to the source IP of that connection so it drops it (anti-spoofing). If you give us a little more information about the circumstances we might pinpoint it.
    Contributor
    July 14, 2011
    Thank you for your answer. Here is my config:
    Admin:
    - IP1: 1.1.1.0/24
    - IP2: 2.2.2.0/24
    - IP3: 3.3.3.3/32
    I can access the Fortigate only by IP (range) 1. If I try via IP3, I have the message "reverse path check fail". I have never heard about a route back to the source IP. Thank you in advance.
    ede_pfau
    SuperUser
    July 14, 2011
    "I have never heard about a route back to the source IP."
    That is, if, seen from the FGT, the remote subnet of a packet's source address cannot be reached via any active route, then the FGT assumes this IP address to be faked (spoofed) and drops the packet. In your case, there should be routes to 1.1.1.0/24, 2.2.2.0/24 and 3.3.3.3/32, as verified in Router>Monitor. I don't think a default route (0.0.0.0/0) would suffice but I've never tested that.
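
The reverse path check described in the answer above, modelled in Python as an added example (not part of the thread and not FortiOS code). The source addresses are the ones from the thread; the interface names wan1/wan2, the default route and the 2.2.0.0/16 route are assumptions made for illustration.

```python
import ipaddress

# Simplified model of a reverse path (anti-spoofing) check; not FortiOS code.
# Interface names wan1/wan2 and the default route are assumptions.

def covering_routes(routes, src):
    """Return active routes whose prefix contains src, most specific first."""
    ip = ipaddress.ip_address(src)
    hits = [(ipaddress.ip_network(p), dev) for p, dev in routes
            if ip in ipaddress.ip_network(p)]
    return sorted(hits, key=lambda r: r[0].prefixlen, reverse=True)

def rpf_check(routes, src, in_iface, strict=False):
    """Accept the packet only if a route back to src points out of in_iface.

    Feasible-path mode: any covering route via in_iface is enough.
    Strict mode: the most specific covering route must use in_iface.
    """
    hits = covering_routes(routes, src)
    if not hits:
        return "drop: no route to source"
    candidates = hits[:1] if strict else hits
    if any(dev == in_iface for _, dev in candidates):
        return "accept"
    return "drop: reverse path check fail"

# Constructed routing table using the admin sources from the thread.
ROUTES = [
    ("0.0.0.0/0", "wan1"),
    ("1.1.1.0/24", "wan1"),
    ("2.2.2.0/24", "wan1"),
]

def demo():
    results = {}
    results["1.1.1.10 on wan1"] = rpf_check(ROUTES, "1.1.1.10", "wan1")
    results["3.3.3.3 on wan2 (before)"] = rpf_check(ROUTES, "3.3.3.3", "wan2")
    fixed = ROUTES + [("3.3.3.3/32", "wan2")]   # the added static route
    results["3.3.3.3 on wan2 (after)"] = rpf_check(fixed, "3.3.3.3", "wan2")
    # A broader route via wan2 passes feasible-path mode but not strict mode,
    # because the most specific route (2.2.2.0/24) still points to wan1.
    wide = ROUTES + [("2.2.0.0/16", "wan2")]
    results["2.2.2.9 on wan2 feasible"] = rpf_check(wide, "2.2.2.9", "wan2")
    results["2.2.2.9 on wan2 strict"] = rpf_check(wide, "2.2.2.9", "wan2", strict=True)
    return results

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:28} -> {verdict}")
```
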
    wesleylima
    Explorer II
    November 12, 2024

    Thanks for the help. I had a problem with it too.

    Contributor
    July 14, 2011
    Dear, I just added a static route and now all is working. Thank you very much for your help. Best regards,
    ede_pfau
    SuperUser
    July 14, 2011
    I'm glad you found a solution. If you find a particular post very helpful (or very annoying) you may click the "Rate this post!" link and rate it from +2 to -2 score points.
    Contributor
    July 14, 2011
    Ok it's done :) Thank you, and have a nice day. Vincent.
    mtorres
    Explorer
    May 28, 2025

    I have had VPN "Device creation" enabled trip me up and produce the same "reverse path check fail, drop" log.

    CLI =

    config vpn ipsec phase1-interface
        edit "EXAMPLE"
            set net-device disable  <---
        next
    end