Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Bob_Agoglia
New Contributor

Traffic from IPSec tunnel to a VLAN

I have a Fire Dept station 1 that is connected to our city hall (CH) office via Ubiquity wireless dishes on a VLAN setup in a 100E at CH.  The FD has a remote location, station 2, connected to CH via an IPSec persistent VPN tunnel. There are cameras at FD station 2 that I need to give them access to at station 1.  I have played with routing and policies but I cannot seem to make this work.  I am attaching a diagram of the layout with subnets and hardware models.  You will also notice PW on there but if I can get FD working I can use the same logic to get PW working.

 

Thanks in advance. 

11 REPLIES 11
sw2090
Honored Contributor

no one mentioned ipsec to fd1.

maybe it is just irritatig.

 

in both policies it is the same ipsec between ch and fd2.

 

So CH FGT has to have:

 

src addr: fd1 subnet

dst addr: fd2 subnet

src intf: fd1 vlan

dst intf: ipsec ch<=>fd2

 

FD2 FGT has to have:

 

src addr: fd1 subnet

dst addr: fd2 subnet

src intf: ipsec ch<=>fd2

dst inft  fd2 subnet

 

plus static routing as mentioned above.

sorry for the missleading.

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
sw2090
Honored Contributor

oh and no nat enabled on these policies in this config.

 

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Top Kudoed Authors