Hi,
Branch A and B offices have a site-to-site VPN connection, everything is OK, branch A PCs can access branch B office server files and folders if A branch PC has mapped the network drive under the Windows 10, e.g. H drive.
Recently, we have enabled the client-to-site VPN connection to branch A office so that staff can access branch A office server files if our colleagues will be worked from home, staff laptop can access branch A office files but staff laptop cannot access branch B office file server.
If use ping command:
laptop can ping branch A network (192.168.1.x) but laptop cannot ping branch B network (192.168.2.x)
I have tried to add a static route on the laptop Windows but it still doesn't work.
How a laptop can access both branch A and B server files even both offices are using site-to-site VPN (diagram attached)
Branch A office using FortiGate 61F firewall.
Appreciate that if someone can help.
Below article explains the similar setup, could you please recheck if your configuration is matching with the recommendations.
https://docs.fortinet.com/document/fortigate/6.2.12/cookbook/45836/ssl-vpn-to-ipsec-vpn
Thanks Suraj,
I use following IPsec-VPN to connect branch FortiGate firewall configuration, connecting to branch A office is OK, just it cannot connect to branch B office network from any laptops, however, I will go thru again from below steps.
https://docs.fortinet.com/document/fortigate/6.2.12/cookbook/785501/forticlient-as-dialup-client
Hi @ammrider,
A firewall policy is required to allow traffic from dialup IPsec clients to branch B office.
In case the issue persists, running debug flow will help in identifying the issue.
Hi,
I think you are missing a policy. This Kb might help.
I have tried to use above solution but it still not works, I will try it again and make sure no any steps were skipped.
FCT EMS 7.2.0 was released, you can download it from support portal.
User | Count |
---|---|
2674 | |
1410 | |
810 | |
702 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.