Hi,maybe someone has an idea, me not, anymore. :( Setuplan port 1, net
172.31.0.0/16 (NAT)|(site 1) Fortigate, WAN with public IP (fiber
connected)|IPSEC site to site|(site 2) Fortigate, WAN with public IP
(fiber connected)|lan port 1, net 10.20.20.0...
Hi,we have the following setup here. office: Fortigate 101E, network is
172.31.0.0/16, static public IP over WAN1, using a LWL fiber
connectremote: Fortigate 30E, network is 192.168.5.0/24, dynamic public
IP over WAN1 behind the cable modem I got it ...
toshiesumi wrote:No, the /32 static route at FG-2 is not routed to the
outside IP of the WAN interface, it's routed into the tunnel or tunnel
interface IP. You must have set the DNAT policy toward the tunnel
interface. Have you actually sniffed them?...
We got it working. How to do it:Set a NAT-Pool, set outgoing to the ip
of the LAN - IP of LAN-Port 1 of Fortigate #1,on the policy of the
virtual IP or virtual server, enable NAT, and then, choose the pool from
before,so in this example, my Fortigate...
toshiesumi wrote:If only one source is using the access, that would do
it. Don't forget to add it to IPsec phase2 selectors. I did so, but, it
does not work, either. It also can´t work I suppose. Public ip on FG-1
is connecting to wan1, forwarding to...
toshiesumi wrote: I don't have a definitive solution if you can't change
the default route at FG-2. Probably adding a SNAT in addition to DNAT to
the policy would mitigate, but I haven't tried before. Somebody else
might be able to chime in. Maybe a ...
With 5.6 and 5.6.1, same problem on a 101E :(I was wondering some
traffic was dropped,disabling antivir in the rule, let it work. My first
idea was the IDP is hanging, but it is the antivir rule.Bad bug again
;(. It was there in FortiOS from 5.2 and ...
