Adonist
New Contributor

Fortigate 5.6.3 Site-to-site VPN multiple remote subnets

Hi,

 

We just moved from Cisco to Fortigate and we are having issues migrating some VPNs.

The image below shows a bit on how they should be.

Pretty much those VPNs have 1 subnet from our side and multiple subnets on the client side.

We have to NAT our internal network to our public IP (so all internal connections arrive at the client with the public IP and not the internal IP).

We created the VPN using our subnet as the Local Address and, as the Remote Address, a Group Object with multiple objects, one for each subnet.

We created an IP Pool as Overload with our public IP and created the policy allowing access from our network to this group of networks and enabled NAT using our IP Pool.

The VPN goes UP but we can only access one network in the Group Object. This is happening in multiple scenarios with the same config.

Any idea what we are doing wrong and what could be done to fix it?

 

 
