Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
cis4
New Contributor

Passing Traffic to IPsec Dial-up VPN Clients

FortiGate 60F, v7.4.8, with IPsec Remote Access VPN using Forticlient, everything has been working well. I now need to set up a second tunnel that will assign a single IP address to a remote access client. 

 

The remote access client can access all LAN resources, but need servers on the LAN to pass traffic to the Remote Access clients too. I've tried setting up a static route to the tunnel interface, and created a policy to allow LAN > Tunnel. I see traffic coming in from the LAN, and out through the tunnel interface, but nothing arrives (no response back from ping). 

 

Hopefully I'm missing something easy here! 

2 REPLIES 2
msanjaypadma
Staff
Staff

 

Hi @cis4 ,

Did you try disabling the firewall on remote access users PC?

 
Mayur Padma
cis4

Hi Mayur, 

 

Thanks for the reply. I've tried disabling the firewall on the remote computer, and left wireshark running, but I'm getting nothing through to it. It's like the traffic is getting lost somewhere between LAN going out through the Tunnel, and the Remote Endpoint.

Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors