Hello everyone,
I have a configuration with two FortiGates (80C and 92D).
The 92D is located at the company HQ.
The 80C is located at a company branch.
A site-to-site VPN is configured and properly working between those two FortiGates.
The branch can access the LDAP directory and file server of the HQ (policies are configured to allow that).
My problem is that the branch itself has a site-to-client SSL tunnel configured for remote workers.
I would like to use the HQ LDAP to retrieve their user accounts, but from the FortiGate itself, all HQ IP addresses are not reachable.
I don't know what policy or route is to be configured to allow the branch FortiGate itself to see the HQ network.
Can someone help me?
If you need more information, just ask.
Many thanks,
This is a perfect problem for FTNT Support. So I'd recommend opening a ticket for technical assistance for this.
IMHO the reason for this situation is that the tunnel ends are not numbered (do not have IP addresses assigned). In 95% of the cases the FGT on one end can ping remote network hosts without problem. That is, if the phase2 Quick Mode selectors are set correctly.
As there are quite a few unknown parameters in this picture I'd prefer to leave this to Support.
Hi dear all:
I have the same issue!