Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mylouch
New Contributor

client to site ipsec vpn established but can't reach local ressources

Hello all, 

I set up a vpn tunnel (ipsec vpn) on a fortigate 60D (forti OS 5.0). The link is up and I'm successfully connected through forticlient. The problem is I can't bing to any ressources in my local network even though the link is established

Any idea about this problem.? Besides I lost internet connection  How can I fix those problem

Thank you in advance 

1 REPLY 1
Sandeep_FTNT
Staff
Staff

Make sure following is configured .

- firewall policy created is from VPN phase-1 interface to internal

- create a static route for VPN subnet with interface as VPN interface (which is VPN phase1 name ) 

 

With regards to loosing internet then  make sure split tunnel is enabled , command is given below 

 

config vpn ipsec phase1-interface

edit <name>

set ipv4-split-include <   > ======> select the address object created for LAN network 

end

 

If you dont want to enable split tunnel then create a firewall policy from vpn interface to WAN and enable NAT for internet access which is essentially full tunnel.