Connectivity issue between deux Fortigate : Site to Site

Yafogne · ‎05-11-2020

Hello,

I’m using two Fortigate 61E and I’m currently experiencing connectivity issues (see copy architecture).

I connected the two Forti with an ethernet cable and the goal is to create an IPsec tunnel (I am currently in a test environment before deploying in production).

-With the local network 10.1.30.0, I can reach the gateway 192.168.12.1 and the remote firewall on its WAN interface 192.168.12.2

-With the local network 10.2.30.0, I can reach the gateway 192.168.12.2 and the remote firewall on its WAN interface 192.168.12.1

I created the rules in the IPv4_Policy so that the two LANs can communicate:

-Before configuring IPsec, my LAN HQ cannot join the LAN Branch

-I configure the IPsec tunnel but it stays down

NB: I think I have put the routing rules well because on each, I have several subnets and I put the rules and they communicate well on the same site but I do not know what I need so that the intersite market.

Thank you for your help because I am not going any more!

Best regards,

Yafogne

Toshi_Esumi · ‎05-11-2020

You need to show/explain us below:

1) ipsec phase2 selectors config on both sides

2) static routes you put in to both FGT for remote subnets, or show routing-table (get router info routiong-t all)

3) a set of FW policies (incoming&outgoing) on both sides

one of them, or multiples, must be broken.

Connectivity issue between deux Fortigate : Site to Site

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website