Issue: SSLVPN Connected But Can't Access to Internal Server

Nelvin · ‎04-28-2019

Hi everyone,

I connected forticlient-SSLVPN and get the connection.

But the problem is I unable access to my internal server.

Configuration for Fortigate 100E as attached :

Should I add remote groups for the internal server?

Does anyone got solutions for me to try? thanks in advance =)

Toshi_Esumi · ‎04-28-2019

Is it "split-tunnel" or "no split". If split, check your PC's routing table w/ "route print" to see if server IP/subnet is there. The destinations have nothing to do with remote groups. It's decided by 1) routing (in case split) and 2) policy for ssl.root->internal interface.

Nelvin · ‎05-01-2019

Hi Toshi Esumi,

Thanks for your suggestion.

I didn't enable the split-tunnel function.

And I checked and opened all the services in IPv4 policy, ssl.root --> Internal LAN.

Finally, I found out the issue.

My company network IP range is 192.168.1.X, internal server 192.168.1.254.

Branch site router IP range also 192.168.1.X.

Both network conflicted.

lotfi_boucherit · ‎04-30-2019

I'm having same problem with an IPsec VPN.

It is connected, but no traffic is working.

Toshi_Esumi · ‎04-30-2019

This thread was for SSL VPN. Open a new case with a proper subject including a word "IPSec" and share the proper info about topology and config. Otherwise, nobody can't comment on with just "not working".