Hello guys, I have configured an IPsec VPN between my Fortinet and Azure, and everything works OK; the traffic passes without problem. Additionally, I have configured an IPsec VPN with a FortiClient user towards my Fortinet, and it connects well to my internal Fortinet LAN network. Now I want to make my user's traffic reach Azure. How can I do this? Can you give me the configuration guide? How to - Setup.
ipsec vpn user ----- Fortigate 100e ---------- Azure Network
192.168.30.0/24 192.168.100.0/24 10.0.1.0/24
<---traffic ok-----> <---traffic ok----->
30.0 |<----------------------traffic failed------------------------->|1.0
Thanks for your reply
I doubt there will be a guide or such specific enough for this.
Some things to consider:
- do you do full tunnel or split on the SSLVPN?
- are there firewall rules allowing SSLVPN traffic to the Azure VPN?
- does Azure VPN know the route back to .30.?
Hi Boneyard, thanks for your reply.
- do you do full tunnel or split on the SSLVPN? It is not an SSL tunnel, it is an IPsec tunnel created by the VPN wizard.
- are there firewall rules allowing SSLVPN traffic to the Azure VPN? Yes, there are rules allowing traffic to the Azure VPN.
- does Azure VPN know the route back to .30.? Yes, the 30.0 network is created on Azure too.
Traffic is still not flowing between 30.0 and 1.0.
Attached image of rules in the fortigate. Thanks for your help.
Using 192.168. addressing is probably not a good idea here as most vpn users will also be using this range at home.
What you have is logically correct.
Just a case of checking that the vpn user traffic for the Azure subnet actually is reaching the Fortigate.
Then also checking that you see traffic from Azure coming back to the Fortigate for the vpn subnet.
You can then easily see where the problem is: either Azure has no route back for the VPN subnet, or the VPN client is sending the traffic for Azure to their local network, or the FortiGate is dropping the traffic.
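The checks suggested in the replies above, written as a small path checker. This is an added example, not code from the thread or from Fortinet; the function name, the input structure and the sample configurations are constructed for illustration, and only the three subnets come from the question.

```python
import ipaddress

def check_vpn_to_azure_path(vpn_pool, azure_net, tunnel_routes, home_lan,
                            fgt_policies, azure_remote_nets):
    """Return (hop, problem) tuples for dial-up VPN -> FortiGate -> Azure."""
    net = ipaddress.ip_network
    pool, azure, home = net(vpn_pool), net(azure_net), net(home_lan)
    findings = []
    # Client: with a split tunnel the Azure subnet must be among the routes
    # sent into the tunnel (a full tunnel is modelled as 0.0.0.0/0).
    if not any(azure.subnet_of(net(r)) for r in tunnel_routes):
        findings.append(("client", f"{azure} is not routed into the tunnel"))
    # Client: a home LAN overlapping the VPN pool or the Azure subnet keeps
    # that traffic on the user's local network.
    for other in (pool, azure):
        if home.overlaps(other):
            findings.append(("client", f"home LAN {home} overlaps {other}"))
    # FortiGate: some policy must allow VPN pool -> Azure subnet.
    if not any(pool.subnet_of(net(s)) and azure.subnet_of(net(d))
               for s, d in fgt_policies):
        findings.append(("fortigate", f"no policy from {pool} to {azure}"))
    # Azure: the VPN pool must be a remote network Azure sends to the tunnel.
    if not any(pool.subnet_of(net(n)) for n in azure_remote_nets):
        findings.append(("azure", f"no route back to {pool}"))
    return findings

# Constructed sample configurations (assumed values, not from the thread).
BROKEN = dict(
    vpn_pool="192.168.30.0/24", azure_net="10.0.1.0/24",
    tunnel_routes=["192.168.100.0/24"],            # split tunnel, LAN only
    home_lan="192.168.1.0/24",
    fgt_policies=[("192.168.30.0/24", "192.168.100.0/24")],
    azure_remote_nets=["192.168.100.0/24"],
)
WORKING = dict(
    vpn_pool="192.168.30.0/24", azure_net="10.0.1.0/24",
    tunnel_routes=["192.168.100.0/24", "10.0.1.0/24"],
    home_lan="172.16.5.0/24",
    fgt_policies=[("192.168.30.0/24", "192.168.100.0/24"),
                  ("192.168.30.0/24", "10.0.1.0/24")],
    azure_remote_nets=["192.168.100.0/24", "192.168.30.0/24"],
)

if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("working", WORKING)):
        print(name, check_vpn_to_azure_path(**cfg) or "no findings")
```

An empty result only means the configuration is logically consistent; confirming that packets actually arrive at each hop still requires capturing traffic as the reply describes.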