Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mylouch
New Contributor

Created on ‎06-30-2015 06:10 AM

client to site ipsec vpn established but can't reach local ressources

Hello all, 

I set up a vpn tunnel (ipsec vpn) on a fortigate 60D (forti OS 5.0). The link is up and I'm successfully connected through forticlient. The problem is I can't bing to any ressources in my local network even though the link is established

Any idea about this problem.? Besides I lost internet connection  How can I fix those problem

Thank you in advance 

7339
0 Kudos
1 REPLY 1
Sandeep_FTNT
Staff
Staff

Created on ‎06-30-2015 07:35 AM

Make sure following is configured .

- firewall policy created is from VPN phase-1 interface to internal

- create a static route for VPN subnet with interface as VPN interface (which is VPN phase1 name ) 

 

With regards to loosing internet then  make sure split tunnel is enabled , command is given below 

 

config vpn ipsec phase1-interface

edit <name>

set ipv4-split-include <   > ======> select the address object created for LAN network 

end

 

If you dont want to enable split tunnel then create a firewall policy from vpn interface to WAN and enable NAT for internet access which is essentially full tunnel. 

 

 

 

1317
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.