Hot!VPN IPSEC - Client can't connect to other site

Author
papapuff
Silver Member
  • Total Posts : 120
  • Scores: 0
  • Reward points: 0
  • Joined: 2012/05/24 20:31:44
  • Status: offline
2019/04/07 03:27:46 (permalink)
0

VPN IPSEC - Client can't connect to other site

Hi there,
 
need help please.
we've configured 2 networks connected under VPN IPSEC. both use Fortigate appliance, firmware 5.6.x (forget exact version).
 
site_1 use dynamic IP Public, and fortigate ddns.
site_2 use IP Private (Behind NAT, basically has IP Public, but locked by Provider, must use their own Router).
 
VPN connect successfully. but the issue are:
1. Site_2 can only use zero/thin client computer to connect network site_1 (basically, use Remote desktop technology to connect server on site_1).
2. while use PC / standalone computer on site_2, that PC can't:
- browse network on site_1
- access remote desktop to server on site_1
- from site_1, also can't detect computer on site_2
 
kindly please help how to solve this.
 
thank you.
#1

3 Replies Related Threads

    makco10
    Silver Member
    • Total Posts : 91
    • Scores: 0
    • Reward points: 0
    • Joined: 2015/01/20 15:21:33
    • Location: Honduras
    • Status: offline
    Re: VPN IPSEC - Client can't connect to other site 2019/07/08 21:54:34 (permalink)
    0
    Hello,
     
    This VPN is routed based or policy based, if you create the vpn with de wizard is routed based and you need to confirm that you have the following:
     
    - Policy in (LAN to VPN interface) NAT Disable
    - Policy out (VPN interface to LAN) NAT Disable
    - static route (destination remote lan and select VPN interface)
     
    Also you can do a debug flow from site 2 fortigate to look how the traffic is being redirected.
     
    Sorry for my bad english.
     
    Regards.

    Defend Your Enterprise Network With Fortigate Next Generation Firewall

    #2
    papapuff
    Silver Member
    • Total Posts : 120
    • Scores: 0
    • Reward points: 0
    • Joined: 2012/05/24 20:31:44
    • Status: offline
    Re: VPN IPSEC - Client can't connect to other site 2019/07/12 16:48:36 (permalink)
    0
    hi,
    thank you for your advice.
     
    for the policy, refer to fortigate on site_2?
     
    #3
    papapuff
    Silver Member
    • Total Posts : 120
    • Scores: 0
    • Reward points: 0
    • Joined: 2012/05/24 20:31:44
    • Status: offline
    Re: VPN IPSEC - Client can't connect to other site 2019/07/24 20:27:40 (permalink)
    0
    hi makco,
     
    sorry for long feedback.
    already to do so, for policy and static route.
     
    however, still can't work. any advice?
    #4
    Jump to:
    © 2019 APG vNext Commercial Version 5.5