Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
papapuff
New Contributor II

ASK - Brain storm - Why VPN SSL can't connect to their local computer

hi there, need advise.

we've setup 2 networks into vpn ipsec. net_01 and net_02.

net_01 has following configuration:

ip segment: 10.0.0.1 to 10.0.0.254

gateway: 10.0.0.10

dns: 10.0.0.1

 

net_02 has following configuration:

ip segment: 10.0.10.1 to 10.0.10.254

gateway: 10.0.10.11

dns: 10.0.0.1

we also setup vpn ssl to net_02, and create policy enable to connect internal net_02 (10.0.10.x)

 

while connect to vpn ssl, can ping to gateway, but can't remote to local PC (PC_A2).

but internally (LAN), clients can connect to PC_A2

 

am I missing something?

please help.

 

thanks in advance

3 REPLIES 3
Cloud
New Contributor

Hello,

 

Have you added a static route and Ipv4 policy ? to allow the communication between this two network segments?

 

Best Regards,

Marcin

rwpatterson
Valued Contributor III

What are the subnet masks of those two networks? As in do they overlap?

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
papapuff

hello,

 

happy new year 2019. sorry for long wait response.

 

yes, static route has been added. and IP4 policy also added.

 

What are the subnet masks of those two networks? As in do they overlap?

subnet masks: 255.255.255.0

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors