All our offices are FortiGates on 6.x firmware connected via IPsec
tunnels. Each office has its own unique LAN subnet, but also has a
unique DHCP-based subnet strictly for wifi clients. NAT-based policy in
each direction routes wifi clients back to t...
Eureka! Pretty sure I have this working now, but not exactly as one
would think. Making both the IPsec phase 2 selectors 0.0.0.0/0 was
apparently a key tenet for policy subnets to traverse the tunnel, so
thanks for that! Ended up making an additional...
OK, additional question time. Is this all assuming that I take NAT off
the wifi<->LAN policies in each office and make them also static?
Instead of an address group, couldn't I just add the applicable subnet
addresses to each tunnel policy (add wifi ...
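As an added, constructed illustration of the two points raised above (the 0.0.0.0/0 phase 2 selectors from the second post, and listing the LAN and wifi subnets directly in the tunnel policy with NAT off from the third), this is not configuration taken from the thread; the tunnel, interface, object names and subnets are assumptions.

```fortios
# Constructed example for one office ("Site A"); all names and subnets are assumed.
# Wildcard phase 2 selectors: the tunnel accepts whatever the firewall policy permits.
config vpn ipsec phase2-interface
    edit "to-siteB-p2"
        set phase1name "to-siteB"
        set src-subnet 0.0.0.0 0.0.0.0
        set dst-subnet 0.0.0.0 0.0.0.0
    next
end

# Address objects for the local LAN, local wifi and remote LAN subnets.
config firewall address
    edit "siteA-lan"
        set subnet 10.1.0.0 255.255.255.0
    next
    edit "siteA-wifi"
        set subnet 10.1.100.0 255.255.255.0
    next
    edit "siteB-lan"
        set subnet 10.2.0.0 255.255.255.0
    next
end

# Outbound tunnel policy: both local subnets listed as srcaddr, NAT disabled so
# the far side sees real source addresses. With 0.0.0.0/0 selectors, these
# srcaddr/dstaddr entries are the only thing limiting what crosses the tunnel,
# so keep them specific rather than "all".
config firewall policy
    edit 0
        set name "siteA-to-siteB"
        set srcintf "internal"
        set dstintf "to-siteB"
        set srcaddr "siteA-lan" "siteA-wifi"
        set dstaddr "siteB-lan"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat disable
    next
end
```

A static route for siteB-lan via the tunnel interface and the mirror-image policy on Site B (with the Site A subnets as dstaddr) are still required for return traffic.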