Sending all local traffic over L2L IPSEC VPN tunnel to hub

Forum|Forum|4 years ago
August 15, 2021
2 replies
2189 views

I'm somewhat new to IPSEC VPNs on Fortigate, and am having some trouble figuring out how to send all local traffic (including from the Fortigate itself) over the tunnel to the hub site. Our security policy dictates that we don't do any split tunneling, which includes traffic originating from the firewall, switch, and APs at the site talking to Fortinet. We have no issue with user traffic, which is working perfectly, but traffic that originates from the secure fabric is not going across the tunnel for licensing and registration and such.

I'm sure it's something simple...

spoojary

Staff

Check the below doc : https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-IPsec-VPNs-tunnels/ta-p/195955

Also you can check : https://docs.fortinet.com/document/fortigate/7.2.4/administration-guide/520377
Here you can choose your config and go ahead and check the config if it correctly added or not.

To force all local traffic, including traffic originating from the FortiGate itself, to go over the IPsec VPN tunnel, you'll need to set up a specific policy and routing configuration.

knagaraju

Staff

Hello Absolut0128,

May I know if the fortigate is in HA or standalone?

Could you please refer the below link
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Self-originating-traffic-over-IPSec-VPN-For/ta-p/193456

Regards,
Nagaraju.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded