Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

issue in configuring IPSec

Dear Support members

Need support
like every office we are using private IPs also the ISP-provided IPs are private now i am going to configure IPSec remote access VPN from last month I am trying to configure VPN so that we can access our office network from home but I am unable to do it. watched more than 20 videos on youtube but was unable to resolve the issue need support on how to configure this VPN


Hi @altafuom 

Thanks for posting your query


As you mentioned that you are trying to build IPsec based on the Private IPs, so can you confirm if the Tunnel you are trying to build is on MPLS link

In case of internet link the traffic from the private IP will not be routed over the internet to reach the peer end.
Consider a below topology FYR

Branch-1FW(Private IP)-------RTR----------INTERNET-----------(Public IP)FW-branch-2/Remote Users(forticlient)

So the FW in Branch-1 is behind the ISP router i.e behind the NAT device and in the Branch-2 if you will configure the remote gateway as the private IP of branch-1 it will not help

so in the branch-2 you need to give the tunnel type as dial-up user and try.

In branch-1 the remote gateway will be the public IP of other branch.


To which IP you are trying to connect to the VPN from home internet, if you are using the private IP it will not be routable to internet.

DOC fyr


New Contributor

thanks for reply 

Our network looks like below

Office network Private IPs---(Firewall here))--------(internet)--also private IPs from ISP----->>>>Remote(Forticlient)

Firewall Lan interface Private IPs and Wan interface also Private IP so that's the confusion...also No MPLS simple shared internet provided by ISP...





Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors