Hello. Current situation:
Fortiage FG60E (192.168.0.1) is a Windows-like L2TP/IPSec VPN server (interface name is "localVPN") to which all remote clients connect as well as providing an access to local physical clients.
VPN address for FG60E is 192.168.100.130
Currently Mikrotik hEX (192.168.10.1) is connected to it remotely through VPN and has a 192.168.100.131 address. On Mikrotik I've added a static route which leads into 192.168.0.0/24 through 192.168.100.130 and it works well, all local hardware to Fortigate is available to everything remote behind Mikrotik through its 192.168.0.0 range.
However I also want remote hardware behind Mikrotik (on a 192.168.10.0 network) being accessible by local computers in the main 192.168.0.0 network
However when adding a static route on Fortigate it isn't possible to just set it as "192.168.10.0/255.255.255.0" through "192.168.100.131" because FortiOS says there's no such gateway available - and the only other option is to set "192.168.10.0/255.255.255.0" route through the above-mentioned "localVPN" interface - however it doesn't seem to work.
Is there any other way to do it?
And why? The 4g is blocking traffic ? You could also maybe use the fortigate as a dialup client if the far end is supporting dialup service.
e.g ( fgt 2 fgt but the concept would be the same regardless if the dialup-server was a juniper,strongswan,asa,etc.....)
http://socpuppet.blogspot.com/2019/10/fortigate-dialup-vpn-ipsec-from-2nd.html
Ken Felix
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.