FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sebas865
Staff
Staff
Article Id 315018
Description This article describes how to fix the layer 3 connectivity issue when multiple policies with VIPs using the same external IP and map IP addresses but different interfaces.
Scope FortiGate v7.4.3.
Solution

When this VPN topology is in place:

 

Capture1.JPG

To allow this traffic on two different policies, configure the source address option on every VIP:

 

VPN1.JPG

VPN2.JPG

Configure the policies and specify the VIPs on each policy:

 

Capture3.JPG

 

Test ping from both VPN sources:

 

Capture5.JPG

Capture4.JPG
Contributors