Hello,
I' ve got a problem between a FGT60B (running v4 MR2 P2) and a Cisco 3825 v12.41A.
The VPN ist established. The network behind the Cisco should reach a Webserver behind the FGT. ICMP works fine in both directions. But the network behind the Cisco can' t reach the Webserver (or anything else - i.e. FTP).
In the session list I can see the incoming packet with the policy.
The webserver behind the FGT don' t even log the try of the network behind the Cisco.
I' ve tried the same setup with another Fortigate and it works.
It' s strange - I can see the packet in the session list, but not in the webserver.
Setup:
- Interface Mode
- Route is defiened (remote network via VPN interface)
- Policy between internal and VPN interface - everthying allowed (nothing else activated - no NAT, no AV, no IPS, no UTM .... )
- Same settings in the other direction.
- NAT traversel ist active in VPN P1
Got somebody similar problems with a Cisco?
Do I have to change some settings in the FGT?
Best regards,
Patrick