Skip to main content
TJNIHAL
TJNIHAL
New Member
April 22, 2019
Solved

Share head office internet for remote office through exist IPsec VPN

  • April 22, 2019
  • 1 reply
  • 4288 views

Hi,  I have a existing IPsec tunnel between head office (FG60E) and remote office (FG60D) for file sharing. At the moment existing tunnel is working fine from both side. Both device has v5.6.2 build1486   Now I got a requirement to route all the internet traffic from remote office device to head office device through existing tunnel.    I followed this configuration [link=https://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-ipsecvpn/Internet_Browsing_Config/Config_Overview.htm]https://help.fortinet.com...ig/Config_Overview.htm[/link] but internet is not working   1. Create one security policy        2. Edit the default route in remote device to traffic internet through IPsec Interface Once I change the default route in remote device, all the traffic pass through VPN interface but internet is not working maybe not passing through head office device.  I am not expert the firewall, Any guidance appreciated  Thanks.

    Best answer by Jirka1

    Hey, -do you have the policy incl. NAT on FGT HQ for remote branch subnet?

    -do you have a right subnet (0.0.0.0/0) in Phase 2 in IPsec VPN?

     

    Jirka

    1 reply

    Jirka1
    Jirka1Answer
    Explorer II
    April 22, 2019

    Hey, -do you have the policy incl. NAT on FGT HQ for remote branch subnet?

    -do you have a right subnet (0.0.0.0/0) in Phase 2 in IPsec VPN?

     

    Jirka

    TJNIHAL
    TJNIHALAuthor
    New Member
    April 22, 2019

    Hi Jirka, Thank you for your response, I have not updated the Phase 2 address. Once I updated to 0.0.0.0/0.0.0.0 now all the route is passing through IPsec VPN and internet is working.  Thank you again.

    Terms & ConditionsAccessibility statement