Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ammrider
New Contributor

Created on ‎01-31-2023 09:39 PM

VPN access network drive problem

Hi,

 

Branch A and B offices have a site-to-site VPN connection, everything is OK, branch A PCs can access branch B office server files and folders if A branch PC has mapped the network drive under the Windows 10, e.g. H drive.

 

Recently, we have enabled the client-to-site VPN connection to branch A office so that staff can access branch A office server files if our colleagues will be worked from home, staff laptop can access branch A office files but staff laptop cannot access branch B office file server.

 

If use ping command:

laptop can ping branch A network (192.168.1.x) but laptop cannot ping branch B network (192.168.2.x)

I have tried to add a static route on the laptop Windows but it still doesn't work.

 

How a laptop can access both branch A and B server files even both offices are using site-to-site VPNtemp3.jpg (diagram attached)

 

Branch A office using FortiGate 61F firewall.

 

Appreciate that if someone can help.

 

 

 

Labels:
2890
0 Kudos
7 REPLIES 7
srajeswaran
Staff
Staff

Created on ‎01-31-2023 10:25 PM

Below article explains the similar setup, could you please recheck if your configuration is matching with the recommendations.

 

https://docs.fortinet.com/document/fortigate/6.2.12/cookbook/45836/ssl-vpn-to-ipsec-vpn

 

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
2884
0 Kudos
ammrider
New Contributor
In response to srajeswaran

Created on ‎01-31-2023 10:49 PM

Thanks Suraj,

 

I use following IPsec-VPN to connect branch FortiGate firewall configuration, connecting to branch A office is OK, just it cannot connect to branch B office network from any laptops, however, I will go thru again from below steps.

 

https://docs.fortinet.com/document/fortigate/6.2.12/cookbook/785501/forticlient-as-dialup-client

 

2876
0 Kudos
alif
Staff
Staff
In response to ammrider

Created on ‎02-01-2023 03:26 PM

Hi @ammrider,

 

A firewall policy is required to allow traffic from dialup IPsec clients to branch B office.

 

In case the issue persists, running debug flow will help in identifying the issue.

Regards,
SFA
2830
0 Kudos
Hasnatriad
Staff
Staff

Created on ‎02-01-2023 12:34 AM

Hi,

 

I think you are missing a policy. This Kb might help.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Dialup-IPsec-traffic-forwarding-to-site-to...

One step at a time
2863
0 Kudos
ammrider
New Contributor
In response to Hasnatriad

Created on ‎02-06-2023 07:20 PM

I have tried to use above solution but it still not works, I will try it again and make sure no any steps were skipped.

2762
0 Kudos
wasad
New Contributor

Created on ‎02-01-2023 01:29 AM

Hi Fortinet Support, the new version of FortiClientEMS, presumably 7.2, was to be released several months ago, but there has been no news. I have more than one ticket open for recog
2856
0 Kudos
wasad
New Contributor

Created on ‎02-01-2023 01:30 AM

FCT EMS 7.2.0 was released, you can download it from support portal.

2856
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.