Hasselmusen
New Member
March 18, 2019
Question

Two site-to-site IPsec and overlapping remote subnets


I just migrated to Fortigate, and I have 12 IPsec tunnels to different sites.

Site A and Site B have the same remote subnet, and this is a problem because I can only have the same static route to the subnet once.

Is this solvable from within the Fortigate?

    1 reply

    James_G
    New Member
    March 18, 2019
    I assume site A and site B are client subnets and the servers are in a central site, say site C; then it can be resolved by implementing NAT to hide the duplicated VLANs at site A and B. More info on the requirement would help, but yes, I expect something is possible.
    Hasselmusen
    New Member
    March 19, 2019

    Thanks for your reply, James, but I dug a bit deeper into the forums and found this thread: https://forum.fortinet.com/tm.aspx?m=138688

    And that is the issue that I have and the solution to the problem. It really isn't simple to fix so we're going to change the subnet instead.

    Hasselmusen
    New Member
    April 1, 2019

    Or, maybe I'll just set it up as a Policy based VPN.

    Does Fortigate support Policy based VPNs to coexist with Route based VPNs?

    I can enable Policy based VPNs under Advanced Features, but I want to make sure it does not screw up the already established Route based ones that I have.