Fortinet Forum
martin28

IPSec over EMAC VLAN

Hello,

I am trying to set up an IPSec tunnel between two of our firewalls. These firewalls are segmented into VDOMs. One of the endpoints of the VPN is a loopback interface. The other endpoint is an EMAC VLAN interface. VPN establishment goes through the respective root VDOMs (these are the internet-facing VDOMs) and the remote gateway is routed to the respective VDOM.

I have managed to set up the IPSec tunnel, and it is up. Even though the VPN is up, we are facing this issue: if traffic is originated from the endpoint with the loopback interface, it reaches the other endpoint (for example, with a ping), and this one answers with a reply. If I sniff the traffic, I see the reply routed to the IPSec tunnel, but it never arrives at the other endpoint (the loopback interface where the traffic is originated).

The same issue happens if I try to ping from the EMAC VLAN interface to the other endpoint: it never reaches the destination. Even though I see it go through the tunnel, if I sniff the traffic on the destination, I see nothing.

Best Regards.
