Hello,
the scenario is the same as that I asked in the past but with the opposite direction.
My goal: reach the FTP server (192.168.177.2/32) which is "two FGT ahead" (from FTP Net Scanner 192.168.0.246/32)
My scenario:
[ul]
ALL VPNs WORKS
I have admin access only on FG_3 (192.168.177.0/24) and FG_2 (10.1.0.0/24). No admin for FG_1 (192.168.0.0/24).
I tried to use the same procedure (but reversed) described in EMES's response but I think I must have an Admin Access on FG_1.
In fact, if I insert 192.168.177.2 (IP address of the FTP server) in the scanner settings, obviously it is not reached because primarily, I must have to do a Static Route set on FG_1, [that would be the same thing done in the reverse path (Windows Server -> Printer)] but I can access on it.
Or
use an empty FG_2 IP (ie. 10.1.0.247) and set it as destination FTP IP on scanner setting and do a route/translation on FG_2 from that IP (10.1.0.247) to 192.168.177.2 (ftp Server)... but I don't know how to do it.
Can someone save me?
Thank you so much for your help
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
You are going to need admin access in order to edit the Phase 2's to have the destination IPs if they don't already exist.
Either way, that's a convoluted way to approach things.
Is there ANY way you can gain access to the Gate1? Because a IPSec tunnel directly between Gate 1 and 3 would be the simplest route.
Mike Pruett
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1698 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.