FortiGate 60D sends outgoing VPN traffic always over default gw on ppp1 instead of VPN.
Hello Fortigate Community,
We are currently in the process of onboarding a new client who has a Fortigate 60D running FortiOS 5.2. Please note, this firewall will be replaced soon. The setup consists of two Internet uplinks, one configured over PPP1 and one as a LAN interface.
As part of the onboarding process, we have established a VPN tunnel to a Sophos firewall. The VPN tunnel is up and operational. From the Sophos side, the remote network can be accessed correctly, and the devices in the remote network can be reached without issue.
However, we are experiencing problems in the opposite direction. Despite setting up a static route, the Fortigate firewall sends all the traffic to the default gateway over PPP1/Internet instead of routing it through the VPN tunnel interface.
This behavior is causing us a fair amount of difficulty as it's inhibiting communication in the direction from the Fortigate firewall towards the Sophos one. It's worth noting that we haven't had any similar issues with other clients or setups. We suspect this might be due to some specific configuration on the Fortigate 60D or the older FortiOS 5.2.
Could anyone provide insight into this issue? Any suggestions on troubleshooting steps or possible solutions would be highly appreciated.