Hi, Based on the routing output, I assume the issue is an RPF (reverse
path forwarding) failure. The IP 10.11.30.200 behind FW1 is reaching FW2
via Port2; however, for FW2, the best path to reach the source IP is via
Port1. Consequently, the RPF chec...
Hi @JeffreyMik If it is IKEV1 you can use 'set mesh-selector-type
subnet' command in Phase1 configuration. Refer the following link for
more
details.https://community.fortinet.com/t5/FortiGate/Technical-Tip-Dynamic-creation-of-IPsec-tunnels-IKEv1-dyn...
