Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Fortiextender/AC340U and site-to-site VPN tunnel

Let me start with the goal of this project: Establish a site-to-site VPN tunnel via the fortiextender/hotspot that has a public IP address (subnet on the internal interface i.e. to a remote network using a VMWare edge server (large).


Current Status: The tunnel shows up/up on the FWF60c and remote endpoint, but no incoming or outgoing data.


Running into an issue establishing a VPN tunnel and haven't successfully diagnosed the source of the problem yet.  Here is what I have for the configuration:


Local Peer:

Fortiextender 100b & AC340U (public IP address established)

Fortiextender plugged into the WAN1 interface of the FWF60C (

Internal interfaces set to (

Wifi set to (


Remote Peer:

VMWare edge gateway server (large)

public IP address established and a number of tunnels already configured and functional, however this is the first tunnel I am trying to establish using the hotspot and fortiextender.


Policies are in place for the fext, WAN, Internal, etc. and able to get out to the internet without issue. However, attempting to just ping the remote endpoint subnet results in "request timed out" from a device connected to the internal interface on the FWF 60c w/IP address of


VPN Phase I interface is the fext-wan1

Phase II local subnet is: internal (

Phase II remote subnet: remotenetwork (


I know I am likely missing something simple, but after looking at it for so long I can't see it.


Any help would be appreciated. NOTE: I am also going to be setting up a MESH network as well because the buildings and devices that need to communicate together are not wired and unfortunately we will not be able to wire them. For that, I have a couple of FAP222c that I will employ.