Hello,We have an Hub n spoke architecture.Each spoke (3) can ping
networks each other (NAT disabled). When NAT enabled on spoke zone to
spoke zone, spokes can't ping each other. At this time, Internet access
on spoke sites pass throught their Interne...
Hello,I have a hub and spoke with three spokes. Everything is ok,
clients from spokes networks can join each other and to the central
network (ping, AD, SMB, DNS).From central, everythings is ok too.BUT
,from hubs and spokes CLI, i can't ping nothing...
Hello forti guys, We have a physical Fortimail 100C and we would like to
migrate to fortimail 200DOn fortimail 100C, firmware is
v5.0,build0107,130226 (GA) We don't have the fortimail 200D yet, so i
don't know which fortiOS he has. Is it possible to ...
@boneyard Thank you very much, i finally understood what to do : Summary
: On the HUB : VPN Phase 2 0.0.0.0/0.0.0.0 local and remote (to adapt if
there is several phase 2, 0.0.0.0 for local only) Create a policy
ZONE_VPN TO WAN with Internet access a...
Hello,Here's a schema of what i want.(I've contacted support but they
sent me a documentation that i've already used but don't talking about
Internet Browsing. Actually, my spokes can talk each other and can join
the hub.Internet browsing pass throug...
Hello, i'm back on site.When i put default route through VPN, it does
not work.I can't put 0.0.0.0-0.0.0.0 on phase 2 too.Can you make me a
schema for good understanding?I can join my configurations if you
The problem is that i can't browse internet from spoke through hub. I
will test your first answer on 9 october. I can't do it now : "you need
to set your default route to the VPN. but dont forget the put a static
route to the VPN IP of the hub to the...
I do not use NAT for hub and spoke.Did i assign ip adresses? I dont
understand, Each forti has IP adress, but for zones, no ip
addresses.Like this (image on attachment)"For your central internet
setup, NAT is only employed on the hub in the outbound ...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.