SSLVPN unable to connect to network hosts

Forum|Forum|10 years ago
July 23, 2015
1 reply
3927 views

Hi,

Fortigate 60C running v5.2.3,build670.

I have setup the SSL VPN as documented on the Fortigate cookbook and other websites. I have the following address objects defined:

Local_LAN : 192.168.50.0

SSLVPN : 10.212.134.0

Policy objects are in place for:

ssl.root -> Local_LAN

Local_LAN -> ssl.root

Route is in place for 10.212.134.0 on ssl.root

I can connect successfully to the VPN and open a tunnel. When I try to ping a host on the 192.168.50 network I get the message "reverse path check fail, drop" in the diagnostic output. I am not sure if this is the root cause of the problem or there is another issue.

Connecting over IPSEC works as expected with no issues.

I am not sure where to go with this - I have spent 3 days going over the config and re-implementing however I always end up with the same problem. Any suggestions or pointers would be greatly appreciated.

Regards,

Mark

cbehan

New Member

Hi Mark,

I realize that this is an old post but I'm having the exact same issue. Did you ever find a solution for this?

Regards,

Craig

cbehan

New Member

I just figured out my issue. I had been using the web interface to configure the SSL VPN but when I reviewed the config in the CLI, I found that my ssl.root interface was set to DOWN. Nowhere in the GUI did I see this. In fact, the ssl.root interface does not appear under interfaces in the GUI (v5.2.7) like it did in previous versions. Anyway, setting ssl.root to UP resolved my issue.

Cheers.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded