Good day engineers,
I have a FortiGate 900D which is connected through an MPLS with service providers. However, there is an offsite branch that houses the MX server, and there is a FortiGate there too. I have an interface on the FortiGate which is local to me, and now my problem is making the service provider access the mail server on the offsite location. All traffic has to pass through my FortiGate.
If I traceroute to the FortiGate itself I'm successful, but if I try to traceroute to the specific interface, packets are dropped.
I am thinking of creating a policy route that can make the traffic move well.
Please, if there is anyone who can assist me, I will be grateful.
You need to check if the route to the destination exists on your local FGT, then that the route back to the source exists on the remote. If they do, check that your MPLS network has both routes at the provider.
If you sniffed or ran flow debug at your local FGT, you probably already know where the packets are dropped.
For packets routed over MPLS network, not toward the internet, policy routes at edge devices wouldn't make much difference.
Please try flow debug to see the reason why packets are dropped.
diag deb en
diag deb flow filter xx
diag deb flow trace start 3
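Added example, not part of the thread: one way to triage the output of the flow debug suggested above. The sample lines are constructed in the style of FortiOS flow-trace output (documentation addresses, made-up interface names and policy id), and the mapping from message text to likely cause is an assumption to confirm against your own trace.

```python
import re

# Constructed sample in the style of "diag deb flow" output; not captured from a real device.
SAMPLE = '''\
id=20085 trace_id=1 func=print_pkt_detail line=5501 msg="vd-root:0 received a packet(proto=1, 192.0.2.10:1->198.51.100.1:2048) from port1. type=8, code=0, id=1, seq=0."
id=20085 trace_id=1 func=fw_local_in_handler line=421 msg="iprope_in_check() check failed on policy 0, drop"
id=20085 trace_id=2 func=print_pkt_detail line=5501 msg="vd-root:0 received a packet(proto=6, 192.0.2.10:40001->203.0.113.25:25) from port1. flag [S], seq 1, ack 0, win 64240"
id=20085 trace_id=2 func=ip_route_input_slow line=2267 msg="reverse path check fail, drop"
id=20085 trace_id=3 func=print_pkt_detail line=5501 msg="vd-root:0 received a packet(proto=6, 192.0.2.10:40002->203.0.113.25:25) from port1. flag [S], seq 1, ack 0, win 64240"
id=20085 trace_id=3 func=vf_ip_route_input_common line=2596 msg="find a route: flag=04000000 gw-198.51.100.254 via port2"
id=20085 trace_id=3 func=fw_forward_handler line=796 msg="Allowed by Policy-5:"
'''

LINE = re.compile(r'trace_id=(\d+) func=(\S+) line=\d+ msg="(.*)"')
PKT = re.compile(r'received a packet\(proto=(\d+), (\S+?)->(\S+?)\) from (\w+)')

# Message fragment -> what to check next (assumed mapping, verify on your device).
DROP_HINTS = [
    ("reverse path check fail",
     "no route back to the source via the ingress interface"),
    ("iprope_in_check() check failed",
     "traffic to the FortiGate itself refused: check interface allowaccess / local-in policy"),
    ("Denied by forward policy check",
     "no firewall policy permits this flow"),
]

def summarize(text):
    """Group flow-trace lines by trace_id and record the packet and any drop reason."""
    traces = {}
    for raw in text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue
        tid, msg = int(m.group(1)), m.group(3)
        t = traces.setdefault(tid, {"src": None, "dst": None, "in_if": None,
                                    "dropped": False, "hint": None})
        p = PKT.search(msg)
        if p:
            t["src"], t["dst"], t["in_if"] = p.group(2), p.group(3), p.group(4)
        if "drop" in msg.lower() or "denied" in msg.lower():
            t["dropped"] = True
            t["hint"] = next((h for k, h in DROP_HINTS if k in msg),
                             "unrecognized: read the msg text")
    return traces

if __name__ == "__main__":
    for tid, t in summarize(SAMPLE).items():
        state = "DROPPED: " + t["hint"] if t["dropped"] else "passed"
        print(f'trace {tid}: {t["src"]} -> {t["dst"]} in {t["in_if"]}: {state}')
```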