Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
chilun
New Contributor III

IPsec VPN and Policy Route

Hi all,

I have two offices connected by a Metro Ethernet with their LAN subnet itself, and both have their broadband access itself. The internal routing between these two sites is through Cisco router which provided by ISP. All servers are located at the main office.

Recently, I have deployed a backup server at the main office and a DR server at the remote office, then I built up an route based IPSec VPN between these two locations for the backup replication. I want these two servers can be connected by VPN instead of the Metro Ethernet. I configured policy route for both side but not working. Can anyone help?

 

2 REPLIES 2
Bubu
Contributor

Hi,

Can you give us more info please?

Is the tunnel UP?

Tunnel is up but traffic does not go through?

 

diagnose vpn ike gateway list         ->   to check if you are initiator or responder (the next steps, you must perform them on the responder side)

diagnose vpn ike log-filter clear

diagnose vpn ike log-filter name <PHASE1_NAME_HERE>

diagnose debug application ike -1

diagnose debug enable

 

And try to bring up.

You can now analyze the error and solve the problem or send me the debug output.

 

BR

 

 

Bubu

Bubu
chilun
New Contributor III

The tunnel is up. Previously, the VPN tunnel used to handle routing between this two office.

After installed Metro Ethernet, I keep the VPN tunnel for standby.

 

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors