Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RudiScott
New Contributor

Created on ‎10-19-2022 03:44 AM

SSL VPN Access IPSEC remote side

Hi all,

 

I have an IPSEC tunnel between 2 branches and that is functioning very well. I also have SSL VPN setup at my Head Office where users can access office resources remotely. 

The predicament I have found now is that I am unable to get the SSL users to access the remote office resources over the ipsec tunnel. 

I have added the SSL subnet to the IPSEC tunnel as well as the Firewall Policy but still not able to see or access the remote office. 

Any suggestions? 

 

Thanks 

Labels:
560
0 Kudos
1 REPLY 1
akristof
Staff
Staff

Created on ‎10-19-2022 05:11 AM

Hello,

 

Make sure that you have these things configured correctly:

Add subnet of remote branch to SSLVPN - if using split-network

Phase2 - with correct source/destination subnets including your SSLVPN subnet

Valid firewall policies - on the HQ, from ssl.root (example for root vdom) to Ipsec

And double-check that remote-branch installed subnet of SSLVPN into routing-table so the traffic will not be dropped.

 

After this, try packet captures/debug flows on HQ and remote branch and see where traffic stops.

Adrian
550
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.