
ipsec vpn two way communication

Hi, sorry for my English. I have a problem with an IPsec VPN configuration. I configured the VPN and I can connect from the client to my network, but I can't connect from the LAN to the client. The problem is in routing, but I have no idea how to configure it. I have a wan2 with IP e.g. and I have a few secondary IPs e.g. I configured this on the wan2 interface, I added a static route dest device wan2 gateway, I added a few policy routes, and everything works fine for me. I added the VPN and there is only one-way communication. This is the debug output when I try to ping my VPN client:
 FortiGate # id=13 trace_id=3496 msg=" vd-root received a packet(proto=1,> from port1." 
 id=13 trace_id=3496 msg=" allocate a new session-00108b5a" 
 id=13 trace_id=3496 msg=" Match policy routing: to via ifindex-10" 
 id=13 trace_id=3496 msg=" find a route: gw- via wan2" 
 id=13 trace_id=3496 msg=" find SNAT: IP- IPPOOL), port-62464" 
 id=13 trace_id=3496 msg=" Allowed by Policy-1: SNAT" 
 id=13 trace_id=3496 msg=" SNAT>" 
When I delete the static route, the VPN works fine, but I don't have Internet access and I can't access my www/mail server from the Internet. How do I set up routing to make things work? Can anybody help me? Step by step would be best :)