Dear all, I have a strange issue since the 6.2 release (not 100% sure, but
probably when I updated from 6.0.x to 6.2.5). My configuration is: A
Vdom "company" with all my internal VLANs and DMZ. A Vdom "root" with
only one physical interface (port11): a ...
Hi All, Thanks for reading. I've mounted an IPSec tunnel from SITE A (many
subnets) to SITE B (remote office, one subnet). All works as expected, but
I need to push internet traffic into the tunnel from site B to site A.
Here are some details: Site B Configurati...
Hi All, I'm in a "specific" case where my WAN interface IP is private
(I'm in a metropolitan network) and used only to interconnect my
networks using static routes. My DMZ Public Subnet is on the "DMZ"
interface/Vlan. I use SSL-VPN in Web and Tunnel mo...
Hi all, I have difficulties in cases where the FGT's WAN port has no
public IP address but a private one (having the FGT behind a
Metropolitan Network, with a private address). I have found different
topics for this problem but I was not able to find...
Hi Emnoc, Thank you for your quick reply. Yes, APIPA addresses are used,
don't know why, I'll change that. About diag debug { "Denied by source
check, drop" }, that's what I'm looking for. And yes, I'm checking
routing actually! Regards,
I've found the solution myself!!! That was an internal routing
error. Adding 0.0.0.0/0 via IPSec interface as BlackHole (distance 254)
in the static policy routes solved my issue!
Issue solved by Fortinet Support. In my configuration I have to add this
in the config file:
firewall # config vpn ssl settings
firewall (settings) #
firewall (settings) # set route-source-interface enable
Hi, Thanks for your help! Sorry for the delay... I was enthusiastic about
that, but that does not solve the issue :'( Static routes tab:
Subnet Gateway
0.0.0.0/0 10.249.0.1 Metropolitan_NET (wan1) Distance: 15. Priority 0
172.20.130.0/23 SSL-VPN tunnel in...