Fortinet Forum
fionaC
New Contributor

Cannot use Dial-up Client and Site-to-Site at the same time?

I have a site-to-site tunnel to a remote office. I also have a dial-up tunnel to that office. The site-to-site is used as primary, but there is one system we need to use the dial-up client w/split tunnel for. This has always worked until recently. I am not sure if it is an issue with 7.2. The problem we have now is that if the site-to-site tunnel is up, the FortiClient dial-up does not work. If I take down the site-to-site tunnel, it works. Is anyone else seeing this kind of behavior where you cannot use both?

jintrah_FTNT
Staff

Hi,

Did you try setting up a unique peer ID for the dial-up, since both tunnels would use the same WAN IP? Technical Tip: Use of PeerID and LocalID in IPsec ... - Fortinet Community

Best regards,

Jin

fionaC

Yes, that makes no difference. It appears the FortiGate on one side is dropping the traffic.

Toshi_Esumi
Esteemed Contributor II

You need to share a significant portion of the IPsec config (phase1-interface and phase2-interface in CLI) for both site-to-site and dial-up at the head-end and site-to-site at the remote FGT so that somebody can comment on what might be the cause.

Toshi