Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Joining to domain over GRE tunnel


I have a problem with joining computers located in a branch

office described in the following, It would be grateful if anyone help


I have a FG1240B firewall as edge firewall in my network

and a FG60C in branch office, these firewalls can see each other with

assigned IPs, in the other hand I established a GRE tunnel between them

to increase security and making direct site to site connection. The

tunnel interfaces have it's own IPs. Routes between two LANs are created

and computers in branch can see HQ's servers such as DC and Additional

DC, it should be noted all services are opened to two side and even

branch's computers can resolve records in DNS and open https web servers

and ... .

But I face the problem when i want to join computers

to domain, after entering the credentials it returned error message as

"the network path was not found" . For solving this problem I found that

the TCP ports 139 and 445 (that refers to user and computer

authentication) could not establish connection to DC while all services

are open in origin and destination, even DNS service is passed and when I

issue the netstat command in branhce's computer, I noticed connection

to DC is established in SYN_sent step and it couldn't step forward to

SYN_ack and SYN_RCVD . it is worth to mention that all these logs

information were seen in the branch and there is no join query in the

firewall 1240B

thank you in advance for replying


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors