Hot!ipsec vpn connected but cannot ping remote site

Author
jlong
New Member
  • Total Posts : 5
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/09/06 05:38:48
  • Status: offline
2019/09/06 06:05:40 (permalink)
0

ipsec vpn connected but cannot ping remote site

my local ip is 192.168.2.33.
i setup IPSec VPN in office's Fortinet Wifi 60E.
i use FortiClient VPN connect office site and it works and gets ip 192.168.0.10.
but i cannot ping any office computer.
please advise to help.
thanks,
Joe
 
#1

7 Replies Related Threads

    orani
    Silver Member
    • Total Posts : 89
    • Scores: 1
    • Reward points: 0
    • Joined: 2019/07/11 12:54:18
    • Location: Athens
    • Status: offline
    Re: ipsec vpn connected but cannot ping remote site 2019/09/06 16:25:29 (permalink)
    0
    Did you set up the needed rules to allow traffic go throw? 
    #2
    jlong
    New Member
    • Total Posts : 5
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/06 05:38:48
    • Status: offline
    Re: ipsec vpn connected but cannot ping remote site 2019/09/06 18:02:30 (permalink)
    0
    i set the policy as below:
    Incoming Interface: FortiClient
    Outgoing Interface: lan
    Source: FortiClient
    Destination: all
    Service: ALL
    NAT enabled
    IP Pool Configuration: Use Outgoing Interface Address
    #3
    orani
    Silver Member
    • Total Posts : 89
    • Scores: 1
    • Reward points: 0
    • Joined: 2019/07/11 12:54:18
    • Location: Athens
    • Status: offline
    Re: ipsec vpn connected but cannot ping remote site 2019/09/07 03:59:55 (permalink)
    0
    You need to disable nat and create also a reverse rule. From lan to forticlient....
    #4
    jlong
    New Member
    • Total Posts : 5
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/06 05:38:48
    • Status: offline
    Re: ipsec vpn connected but cannot ping remote site 2019/09/08 17:41:45 (permalink)
    0
    I disable the NAT.
    Incoming Interface: FortiClient
    Outgoing Interface: lan
    Source: FortiClient
    Destination: all
    Service: ALL
    NAT DISABLED
    IP Pool Configuration: Use Outgoing Interface Address
     
    I create a reserve rule:
    Incoming Interface: lan
    Outgoing Interface: FortiClient
    Source: all
    Destination: FortiClient
    Service: ALL
    NAT disabled
    IP Pool Configuration: Use Outgoing Interface Address
     
    But, it still fails to ping.
    I also find that the network icon at bottom right corner becomes disconnect from the internet after ForiClient is connected. 
    #5
    orani
    Silver Member
    • Total Posts : 89
    • Scores: 1
    • Reward points: 0
    • Joined: 2019/07/11 12:54:18
    • Location: Athens
    • Status: offline
    Re: ipsec vpn connected but cannot ping remote site 2019/09/08 17:57:58 (permalink)
    0
    When you configured vpn, did you enabled ipv4 split tunnel? If yes try disable it
    #6
    jlong
    New Member
    • Total Posts : 5
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/06 05:38:48
    • Status: offline
    Re: ipsec vpn connected but cannot ping remote site 2019/09/08 18:55:47 (permalink)
    0
    the ipv4 split tunnel is set to DISABLE.
    but the problem is still.
    #7
    jlong
    New Member
    • Total Posts : 5
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/06 05:38:48
    • Status: offline
    Re: ipsec vpn connected but cannot ping remote site 2019/09/08 19:10:25 (permalink)
    0
    I find that when vpn connected, the Fortinet Virtual Ethernet Adapter (NDIS 6.30) get correct IP 192.168.0.191 and correct DNS. But the gateway gets incorrect IP 192.168.0.192. Should it be the Fortinet's IP 192.168.0.1? if yes, how to set it?
    #8
    Jump to:
    © 2019 APG vNext Commercial Version 5.5