I have a problem: I have double NAT done on tunnel_VPN and want to create static routing for another network from the tunnel, 172.22.0.0/24, but when I check traceroute it sends it out into space. I add a signal to go through my WAN gateway (port1) and add the tunnel_VPN interface I created, but that doesn't work. Can anyone help me?
Thank you. And how is your tunnel configured? Do you have 0.0.0.0/0 as selectors or specific subnets? Also, I want to clarify: is traffic working and only traceroute is showing an incorrect next hop, or is traffic via the tunnel not working at all?
Thank you. If I had to guess, it is related to the SNAT. Is a FortiGate also on the remote end, or is it a different vendor? If it is a FortiGate, then doing one debug flow on each device would be the best way to see if traffic is routed correctly or not.
In your case, because you don't have an IP address on the tunnel interface, traceroute will show you the IP address of the interface with the lowest index. I recommend running debug flow on both devices and checking what is happening with the packet.
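The debug flow check recommended above, written out as an added example that is not part of the original thread. The destination host 172.22.0.10 and the ICMP test traffic are assumptions for illustration; tunnel_VPN and 172.22.0.0/24 are taken from the question.

```fortios
# Added example. 172.22.0.10 is a constructed test host inside 172.22.0.0/24.

# 1. Confirm which route the FortiGate would select for the destination
get router info routing-table details 172.22.0.10

# 2. Confirm the tunnel is up and check its negotiated selectors
diagnose vpn tunnel list name tunnel_VPN

# 3. Start from a clean debug state
diagnose debug reset
diagnose debug flow filter clear

# 4. Trace only ICMP toward the test host
diagnose debug flow filter addr 172.22.0.10
diagnose debug flow filter proto 1

# 5. Show the function names and policy checks for each traced packet
diagnose debug flow show function-name enable
diagnose debug flow show iprope enable
diagnose debug console timestamp enable

# 6. Trace the next 10 matching packets, then generate traffic from a
#    client (ping or traceroute to 172.22.0.10)
diagnose debug flow trace start 10
diagnose debug enable

# 7. In the output, check which egress interface the route lookup picked
#    (tunnel_VPN or port1), which policy matched, and whether SNAT was applied

# 8. Stop and clean up when done
diagnose debug flow trace stop
diagnose debug disable
diagnose debug reset
```

Run the same sequence on the remote FortiGate, if there is one, so the two traces can be compared packet by packet.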