Hi,
PC1 ---- FW1 ---- IPSEC tunnel ---- FW2 ---- PC2
-FW2 WAN IP - x.x.x.x
-FW2 LAN IP - y.y.y.y
-FW1 & FW2 v5.4.1 build5577
1) PC1 is only able to access FW2 using x.x.x.x.
2) PC2 is able to access FW2 using x.x.x.x and y.y.y.y.
3) PC1 is able to access PC2.
Any idea why LAN1 cannot access FW2 y.y.y.y?
If I were asked to set this behavior intentionally, I would enable NAT on the firewall policy on the FW2 side. But you need to find out if the packets destined to y.y.y.y are actually coming through the tunnel by sniffing packets at FW2.