Hi,
I have a VPN between 2 Fortigate and I notice a strange behaviour :
Some machines on one network can ping machines on the other side of the VPN while others can't.
Checking in Fortiview / sessions, I discovered that some of them correctly execute the ping through the VPN while the other are trying to connect through WAN (and so it doesn't work).
I configured policies for traffic going from and to the other side of VPN, and route to remote network using the corresponding vpn interface.
In attachment is an example of what happens. My local network is 10.1.0.0/16 and the remote network is 192.168.0.0/16.
Do you have any idea on how to solve this problem ?
THank you very much,
Regards,
Fred
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
What I would do;
run diag debug flow to se what happens
inspect routing table static and PBR to ensure the route is correct for the src/dst
review policyid 1+5 and possible ordering, look for any nat-enable on the policy that does NOT work.
ken
PCNSE
NSE
StrongSwan
did u create static route for it. this vpn is under interface vpn option right?
rookie
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1667 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.