VPN routes are not advertised to client.
My setup(in basics): I have multiple Fortigate SG60, they are different physical locations. I configured a site-to-site IPsec VPN between the Fortigate SG60 in the DC to all sites. Which works fine (as far as I know). Lets call DC site A.
I have a MGMT vlan and within this VLAN multiple VMs reside. It is possible to ping from a VM in site A to site B. In other words, to ping the other side of the VPN tunnel.
I also have a dial-up VPN from my laptop to site A. Which works fine. From my laptop it is now possible to enter the MGMT network. Also it is possible to ping site B over the VPN. The routes are advertised. So far so good.
Now the problem, I recently added site C. A new Fortigate on a different physical location. IPsec site-to-site works fine. Also it is possible to ping site C from a VM in the mgmt network in site A. What is not possible: to ping site C from my laptop (that is connected with the dial-up VPN).For some reason the route to this site are not advertised by fortigate. When I start a traceroute frrom my laptop it just tries to find site C on the public internet...
I added the same firewall rules and static routes as for site B (which is accessible from my laptop).
Now my question to you: does anyone have an idea what could be wrong? What kind of information(configs, tests idk) would you like to see in order to the a grasp of the problem.
If someone has a clue please share it with me!