Hot!fortigate registration over ipsec VPN

Author
Amalio C
New Member
  • Total Posts : 11
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/03/08 07:08:28
  • Location: FL
  • Status: offline
2018/12/12 06:16:07 (permalink)
0

fortigate registration over ipsec VPN

Hello. 
 
I have installed a new FortiGate 60E (FortiOS 5.6.4) as a branch office FW. All the traffic (0.0.0.0/0) is routed through a VPN to our HQ. I'm using the wan1 interface and I also have policies to allow the internal IP (belonging to HW SW interface) to internet and our internal net. The weird thing here is that all the hosts connected to internal interface function properly, but the internal fortigate interface itself do not work properly. I can connected for management but I can not ping, nslookup, internet access, etc for traffic generated on that interface. I can not add the FortiCare Support. I'm trying to create a specific static routes and add A DNS entry (8.8.8.8) to allow access just for FortiCare Refgistration.
My thought is the FortiGate is using the WAN interface as a source IP for all this connections, instead of the internal, and this IP is not allowed in the VPN tunnel. What do you recommend guys to allow this access? includes the wan IP on the VPN tunnel ? 
 
Thanks,  
#1

1 Reply Related Threads

    Amalio C
    New Member
    • Total Posts : 11
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/03/08 07:08:28
    • Location: FL
    • Status: offline
    Re: fortigate registration over ipsec VPN 2018/12/14 06:42:50 (permalink)
    0
    Guy, the actual issue is with the source-ip.
    Hi,
    I would like to know a way to know and modify the source-ip on a FortiGate globally. I have read this article but it just works for specific services. I like to find a way to do it globally
    https://help.fortinet.com...hlight=set%20source-ip

    Thanks
    #2
    Jump to:
    © 2019 APG vNext Commercial Version 5.5