Virtual IP map to VPN IP

Forum|Forum|6 years ago
December 20, 2019
1 reply
2065 views

Hi all,

I don't know if it is possible but maybe you guys can help me out.

So we want our Exchange Online mailserver sending certain e-mails to a backend system.

Mails are send to the Fortigate virtual IP and maps it to an IP address behind a S2S vpn.

Policy:

From 'WAN'

To 'S2S'

Source: Exchange Online servers

Destination: VIP

Port: 25

I also added the public IP address to the Phase 2 Selector on the S2S. There is some traffic hitting the policy but on the other end of the VPN no traffic is seen.

Anyone got an idea?

Greetings,

Paul

Toshi_Esumi

SuperUser

I should work as long as the other side routes packets toward the online sever back through the tunnel. Check the routing on the other end and if correct, run sniffer on both ends while sending port 25 traffic to the wan interface. You might need to disable "auto-asic-offload" at the policies to see all packets through the tunnel in sniffing.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded