Problem with Fortigate on AWS

Alex2 · ‎05-31-2023

Hi please i have a huge problem.
I have an EC2 instance on AWS with IP address 172.31.X.X that I want to communicate with another remote instance of a customer always on AWS with IP address 172.33.X.X through a fortigate IPsec VPN tunnel on both sides else.
For the fortigate 1 we have LAN: 172.31.X.Y, WAN: 172.31.Y.Z and the pubilc IP
For the fortigate 2 we have LAN: 172.33.X.Y, WAN: 172.33.Y.Z and the public IP

the vpn tunnel is UP but when I ping from the ec2 172.31.X.X to the remote ec2 172.33.X.X the ping does not go through and when I try to get out of the network I cannot. From the servers we can't ping the internet. Apparently it's a routing problem but I don't know which side.

Here is the architecture

EC2 ===> Fortigate 1 ===> tunnel ===> Fortigate 2 ===> EC2

But the traffic is blocked internally (between EC2 and Fortigate) and does not go out

Please i want some help

gfleming · ‎06-02-2023

Do you have a FW Policy that allows the traffic from LAN interface to WAN interface?

Cheers,
Graham

View solution in original post

Alex2 · ‎06-02-2023

Hello Graham hope that you are fine.

There is the screenshot of the configuration of ports on Fortigate 2

And this is the configuration of the Fortigate 1

gfleming · ‎06-02-2023

Do you have a FW Policy that allows the traffic from LAN interface to WAN interface?

Cheers,
Graham

Alex2 · ‎06-05-2023

Hello Graham

Yes i look it and i solve the problem,

Thank you

Problem with Fortigate on AWS

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website