set type dynamic set interface " wan2" set dhgrp 2 set xauthtype auto set mode-cfg enable set proposal aes256-md5 3des-sha1 aes192-sha1 set authusrgrp " VPN_Mobile" set default-gw 172.16.1.254 set ipv4-start-ip 172.16.5.210 set ipv4-end-ip 172.16.5.220 set ipv4-netmask 255.255.0.0 set dns-mode auto set ipv4-split-include " Private" set domain " XYZ" set psksecret XYZi
I don' t understand what' s wrong with the current configuration. Here it is:Please, re-read above Ede' s post once again; you' ve the answer there. Textually from the official docs: ipv4-split-include <address_name>: Select the address or address group that the client can reach through the VPN. This information is sent to the client as part of IKE Configuration Method. This is available only if mode-cfg is set to enable.set ipv4-split-include " Private"
regards
/ Abel
-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.