Hi all,
I don't know if it is possible but maybe you guys can help me out.
So we want our Exchange Online mailserver sending certain e-mails to a backend system.
Mails are send to the Fortigate virtual IP and maps it to an IP address behind a S2S vpn.
Policy:
From 'WAN'
To 'S2S'
Source: Exchange Online servers
Destination: VIP
Port: 25
I also added the public IP address to the Phase 2 Selector on the S2S. There is some traffic hitting the policy but on the other end of the VPN no traffic is seen.
Anyone got an idea?
Greetings,
Paul
I should work as long as the other side routes packets toward the online sever back through the tunnel. Check the routing on the other end and if correct, run sniffer on both ends while sending port 25 traffic to the wan interface. You might need to disable "auto-asic-offload" at the policies to see all packets through the tunnel in sniffing.
User | Count |
---|---|
2624 | |
1392 | |
804 | |
667 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.