Hello,
We have been trying to communicate via IPSec VPN a branch office passing trough the main office to an external network each step has a different VPN, the setting is the following:
-There is a FG80C in the branch office which have a working site-to-site VPN with a FG200B in the main office
-There is a working site-to-site IPSec VPN between FG200B and an External Checkpoint Firewall.
What we need is to be able to communicate from the FG80C passing through the VPN with FG200B and then passing trough the 2nd VPN from FG200B and the Checkpoint to the final destination.
So far from the FG80C the packets that go to the final destination network go through the VPN with the FG200B, checking the logs in a FortiAnalyzer we found out that those packets arrive from the internet port and go to the internet port so there we put a firewall policy which encrypts with the FG200B-Checkpoint VPN but the log says it doesn´t use it and instead the packets go through the implicit policy. Does anyone know how can this be configured? or where is my mistake?
Thanks