VPN with two internal subnet : how to ?

Support Forum

The Forums are a place to find answers on a range of Fortinet products from peers and product experts.

Hello,

I'am facing with a "strange" issue with a Fortigate 200e firewall (firmware 5.6). We use VPN for a long time now. One site-to-site and another for an access with Forticlient. Both works fine.

But this fortigate is behind one internet connection and provide internet access for 3 subnet separate by VLAN in the same building.

|--> subnet 10.x.x.x/24

WAN --> Fortigate -->|--> subnet 172.x.x.x/24

|--> subnet 192.x.x.x/24

Our network is the 192.x.x.x and VPNs WAN to 192.x.x.x/24 is working fine. But when I make a new VPN connexion (for forticlient remote access use) to subnet 10.x.x.x the conenxion fail. I create the VPN connexion with VPN Wizard and remote access template but the client can't connect. There is no log in WEB interface's VPN envent, but I have some trace with the CLI.

I have two log one with a non working remote access and one with a working remote access. Both use the same username/password but the shared key is diferent.

Here the file with two logged connexions :

Why the remote access refuse to work with any subnets other than the 192.x.x.x one. And how the make it works with others subnet ? Thanks ;)

35 KB

1824

0 REPLIES 0

Top Kudoed Authors

User

Count

1720

1095

752

447

234

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

VPN with two internal subnet : how to ?

Nominate a Forum Post for Knowledge Article Creation