Hi guys, i set up SSL vpn from fortigate to our AWS setup. we have 2 AWS accounts and i am able to reach resources in one account without any issues but not the other one. All the config is the same across both accounts.
on prem wifi is also going through fortigate and through that both AWS accounts are reachable and i am using the same LAN link as incoming interface for SSL vpn.
any ideas of what could be the problem? thanks
Solved! Go to Solution.
So i see that traffic comes from ssl vpn to ipsec vpn from x.x.x.1 to x.x.x.2 on port 3389.
This traffic is allowed by policy "Allowed by Policy-29" and traffic leaves fortigate into tunnel
"enter IPSec interface Test VPN 2, tun_id=0.0.0.0" -- Traffic enters tunnel
"IPsec encrypt/auth" --- Traffic is encrypted
"send to x.x.x.4 via intf-wan2" ---traffic is leaving fortigate via WAN2 interface.
It seems that there might be an issue with RDP on AWS side.
Can you check if RDP is enabled on EC2 Server? or if there is any policy in AWS that blocks RDP traffic?
OpenVPN just does not feel like a very polished solution as we have to install the OpenVPN client to connect to it. I would rather use something that conforms to a standard, so that I can either setup an IPSEC session in Windows natively.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.