Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jpalo
New Contributor

Duplicate ip when vip is configured.

Goodmorning,

i hope im using the right place on the forum.

 

Context:

I configured an ipsec vpn over Paloalto Network (site A) and a Fortigate (site B). On site B i had to configure a nat 1:1 and a VIP to avoid overlapping on the site A. The vpn and the nat works perfectly. 

 

The problem:

On the lan of site B i get duplicate ips on the Windows Server when i assign an static ip of the nat network (vip network).

 

Reason:

I need to add a secondary ip for the nat network on the windows servers to make WMI work over VPN to avoid this problem (https://support.microsoft.com/en-us/help/248809/prb-dcom-does-not-work-over-network-address-translat...)

 

Im not sure if the reason is the ant and the vip configuration making this issue. The same context but using pfsense and Paloalto, works. 

 

Thank you for all and sorry for my bad English.

Have a nice day.

1 REPLY 1
Toshi_Esumi
Esteemed Contributor II

Well, as the MS document says you're using application NAT is not allowed, while you set NAT against the condition. Only option seems to be make the subnets unique through locations to remove NAT. No way around it.