I have 3 Fortinet boxes.
Box 1 is a 600C at the main office.
Box 2 is a 90D, and connects to the main office via MPLS.
Box 3 is a 60C, and connects to the main office via an IPSEC tunnel.
I need box 2 and 3 to be able to talk to each other.
I have tried putting a route from box 2 to box 3 on box 2, and vice versa, but it is still not routing traffic.
Is that all that would be needed to make this work, or am I missing a step?
I'll assume the following:
- Box 1 has a route to the Box 2 subnet via the MPLS router
- Box 1 has a route to the Box 3 subnet via the IPSec tunnel

What you will also need:
- Policy on Box 2 to allow outbound traffic to the Box 3 subnet via the MPLS link (you need this in addition to the route)
- Policy on Box 2 to allow inbound traffic from the Box 3 subnet via the MPLS link
- Policy on Box 3 to allow outbound traffic to the Box 2 subnet via the IPSec tunnel (you need this in addition to the route)
- Policy on Box 3 to allow inbound traffic from the Box 2 subnet via the IPSec tunnel
- Policy on Box 1 to allow traffic from the interface off of which the MPLS router sits sourced from the Box 2 subnet to the IPSec tunnel
- Policy on Box 1 to allow traffic from the IPSec tunnel to the interface off of which the MPLS router sits
Regards, Chris McMullan Fortinet Ottawa
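
The two Box 1 (hub) policies listed in the answer above, written out as a FortiOS CLI sketch; this is an added example, not part of the original thread and not taken from any of the posters' devices. The subnets, address object names and interface names (`port2`, `to-box3`) are constructed placeholders, and it assumes an interface-mode IPsec tunnel whose phase 2 selectors cover both subnets and a FortiOS release where the catch-all service is named `ALL`.

```fortios
# Box 1 (hub) - constructed values, replace with your own:
#   10.2.0.0/24 = Box 2 LAN      10.3.0.0/24 = Box 3 LAN
#   "port2"   = interface off of which the MPLS router sits (assumed name)
#   "to-box3" = IPsec tunnel interface toward Box 3 (assumed name)

# Address objects so the policies match only the two branch subnets
config firewall address
    edit "box2-lan"
        set subnet 10.2.0.0 255.255.255.0
    next
    edit "box3-lan"
        set subnet 10.3.0.0 255.255.255.0
    next
end

config firewall policy
    # Box 2 -> Box 3: in from the MPLS side, out through the IPsec tunnel
    edit 0
        set srcintf "port2"
        set dstintf "to-box3"
        set srcaddr "box2-lan"
        set dstaddr "box3-lan"
        set action accept
        set schedule "always"
        set service "ALL"
    next
    # Box 3 -> Box 2: in from the IPsec tunnel, out toward the MPLS router
    edit 0
        set srcintf "to-box3"
        set dstintf "port2"
        set srcaddr "box3-lan"
        set dstaddr "box2-lan"
        set action accept
        set schedule "always"
        set service "ALL"
    next
end
```

Box 2 and Box 3 each need the matching outbound and inbound pair against their own interfaces. Scoping `srcaddr`/`dstaddr` to the branch subnets rather than `all`, and narrowing `service` to what the sites actually use, keeps the hub from becoming an open transit path between the two links.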