Lohith07
New Contributor II

Cannot access FortiGate over IPsec

We have a site-to-site tunnel through which we are able to connect to all the instances behind the firewall, but we cannot SSH, ping or HTTPS to the firewall. Can you help by sharing how to get management access over a VLAN interface through IPsec? Services are enabled on the interface.

akristof
Staff

Hello,

In general, you need to check these things:

- Enabled management on interface - allow ping, HTTPS, SSH

- Allow traffic from the IPsec tunnel to this interface - including these services

- Verify that no local-in policy is configured that could block the traffic

- If you have a trusted host/network configured under administrators, add the subnet/host that you are trying to connect to it.

If all this looks good, do a simple debug flow on that device and it will at least tell you the direction in which you should look. If you see a message like this, "iprope_in_check() check failed, drop", it means that FortiGate is blocking it.

Adrian
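
The checks listed in the reply above, written out as a FortiOS CLI session. This is an added example, not part of akristof's reply. The interface name `vlan100`, the remote admin host `10.10.0.50` and the FortiGate VLAN address `10.20.0.1` are constructed placeholders, and lines starting with `#` are annotations rather than commands.

```fortios
# 1. Management access on the VLAN interface.
#    The output should contain: set allowaccess ping https ssh
show system interface vlan100

# 2. Firewall policy from the IPsec tunnel interface to the VLAN interface.
#    Look for a policy whose srcintf is the tunnel, whose dstintf is vlan100,
#    and whose service list covers PING, HTTPS and SSH.
show firewall policy

# 3. Local-in policies. Any deny entry matching the remote subnet on
#    vlan100 drops management traffic before it reaches the admin daemons.
show firewall local-in-policy

# 4. Trusted hosts. If any trusthost entry is set on the admin account,
#    the remote admin subnet must be listed as well.
show system admin

# 5. Debug flow, limited to the management session under test.
diagnose debug reset
diagnose debug flow filter clear
diagnose debug flow filter saddr 10.10.0.50
diagnose debug flow filter daddr 10.20.0.1
diagnose debug flow show function-name enable
diagnose debug flow trace start 20
diagnose debug enable

# Now ping or SSH from 10.10.0.50 to 10.20.0.1 and read the trace.
# A line containing "iprope_in_check() check failed, drop" means the
# FortiGate itself rejected the packet, which points back to checks 1, 3 and 4.
# No trace output at all means the packet never arrived on this unit,
# so look at the phase 2 selectors and routing on the remote side instead.

# 6. Stop the trace and clear the filter when finished.
diagnose debug disable
diagnose debug flow trace stop
diagnose debug flow filter clear
diagnose debug reset
```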