Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
waaalex
New Contributor III

VPN : hub and spoke can't join remote networks

Hello,

I have a hub and spoke with three spokes.

 

Everything is ok, clients from spokes networks can join each other and to the central network (ping, AD, SMB, DNS).

From central, everythings is ok too.

BUT ,

from hubs and spokes CLI, i can't ping nothing but the local network.

one hub can't ping other hub and ping other machine on a hub network or central network.

 

For example, i can't redirect a hub log flow to the central syslog server.

Can you help me?

 

Thanks.

 

1 Solution
Jirka1
Contributor II
3 REPLIES 3
Jirka1
Contributor II
waaalex
New Contributor III

sigmasoftcz wrote:

Hi,

search...

https://help.fortinet.com...iginated%20traffic.htm

Thank you very much that's it!

I mark you post as aswer.

waaalex
New Contributor III

sigmasoftcz wrote:

Hi,

search...

https://help.fortinet.com...iginated%20traffic.htm

I saw your link but unfortunately not helpfull because self-originated traffic does not seems to take ICMP.

My issue is that the fortis units (hub and spokes) can only join their local networks. 

Clients in differents networks can communicate. IP SEC VPN is ok, but forti units not.

I hope my description is clear.

Thanks for help.