Access Fortigate Firewall 100 D internal network from my Branch network.
I want to access my Fortigate firewall 100D internal IP from my branch office network. What settings should I do for it? Details are mentioned below:
Fortigate Firewall Internal IP = 192.168.1.1/24
Branch network IP = 192.168.2.0/24
Branch network PCs can access my whole network "192.168.1.0/24" and are able to ping them too, but not the firewall internal IP. These two offices are connected through a Juniper SSG 5 at both ends through an IPSec VPN tunnel.
Without diagnosis which would immediately show you what the reason is:
- make sure there is a route to the .2 network on the FGT (gateway is the tunnel end)
- check that Administrative access allows ICMP on the internal FGT interface
Thanks for your quick response, Sir. I have made the route for my branch network on the Fortigate, through which I'm able to ping my branch network PCs from the Fortigate firewall, but the branch PCs are not able to ping the Fortigate internal interface. I have already allowed ICMP on the internal interface.
ICMP could be blocked if you use 'Trusted Hosts' settings in the admin setup. There are several posts on this on the forums, please search for it.
edit: read this - https://forum.fortinet.com/tm.aspx?m=122674
The diag debug flow command is really what you should use, along with a packet sniffer. Whether the traffic is or is not arriving at the Fortigate from the source_network(s), these 2 diagnostic approaches will shed light.
PCNSE
NSE
StrongSwan
