Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

IPSec with 4G Router - no incomming data



We have a problem with a customer who has a fibre line which is not working because of flooding in his town :(. We could provide him some basic internet connection with a 4G router (40MB up/down) and it works OK.


Problem is that another branch has to connecto via VPN to them to work with the ERP, so we need the VPN connection.


We configured the DMZ functionality in the 4G router and we have NAT to the FG. We are unable to connect from outside to the IP ( Also with the FortiDDNS we cant connect from outside. We disables the firewall functionality from the 4G Router but again no chance to connect, so we dont know if the DMZ function works or if the IP is not correct (maybe the 4G provider routes the traffic and there is no chance to get a real IP to connect).


The VPN we tried first with agressive mode chaning both sides. The VPN goes UP but there is no incomming data on the Forti behind the 4G Router. We see outgoing traffic from the other Forti.


Than we tried main mode with the IP we got from the WAN on the FG but with the same result.


So basically we dont know if the problem is that this is not the real IP or if the DMZ of the 4G router is not working. 


Any ideas or suggestions?





Most probably the 4G router doesn't have a public IP and the traffic will end up double NATed. If the branch that has a stable connection has a public IP on the FGT you may try to build a dial up VPN from HQ to the branch. FGT on HQ being the dialup client.