Site-to-site subnets

freber · ‎07-06-2018

Hi all,

Im trying to setup a site-to-site vpn between two 60E devices. On one end I finished the wizard without any problems, but on the other end I get some error regarding subnets (see pucture). But I dont see any conflicts my self. What can be wrong?

AK · ‎07-06-2018

We need more information.

What are the configured subnets on the site with the error ?

Regards

Andreas

freber · ‎07-06-2018

akrohn wrote:
We need more information.
What are the configured subnets on the site with the error ?

Regards
Andreas

There are non really. The internal interface looks like this

freber · ‎07-06-2018

Or maybe there is...

There is a dmz on that net. is that something thats added by default? This is a brand new firewall and I havent added it myself. Can I just delete it?

emnoc · ‎07-06-2018

The error should be obvious but the remote subnet conflicts with a local subnet. Have you ran thru and LOOK at all local subnets to see if any overlap?

Ken

PCNSE

NSE

StrongSwan

rwpatterson · ‎07-06-2018

freber wrote:
Or maybe there is...

There is a dmz on that net. is that something thats added by default? This is a brand new firewall and I havent added it myself. Can I just delete it?

You can just change the network number to something else you won't be using, i.e. 11.11.11.1/24. To make your life easier, you should always stray away from default IP addressing, so in the future you won't run across this again.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

AK · ‎07-06-2018

Your DMZ network is overlapping with your remote network.

Change the IP of the DMZ to 0.0.0.0/0 and disable it, when you don't need this interface.

Regards

Andreas