Let me start off by stating that I have very little experience with FortiGate and was pushed onto this project to "fix" this. I have a VPN set up between two sites. Site A is making requests to Site B to an API on a specific (Nat'd) IP, but for some reason I cannot get traffic to that IP. I can see data coming in (in the FortiGate), but nothing is making it to the specified server.
Below is the configuration as best as I can describe it. I am sure there is something I am missing.
Site A: is not under my configuration but has been assured to be configured "properly" with no Nat'd addresses.
Site B: Configuration as follows... Please let me know if you need more info.
- Static IPSec Tunnel
- IPv4 Virtual IP created for the server
- IPv4 policy (Note: that both of these show a caution alert that "all source interfaces are down" but IPsec tunnel shows as Status: Up)
- Static Routes
I used the Forti Cookbook (https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/616440/configuring-ipsec-vpn-on-branch) to configure this originally. Unfortunately I am at a loss as to what to try next. Any help would be appreciated.
The configuration is correct.
Is Phase 2 up when you test the traffic?
From IP 172.31.254.208, can you ping 123.45.67.8 or 123.45.67.9?