Remote SSL VPN network is the same with the central Server network

Author
Dom5
New Member
  • Total Posts : 8
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/02/26 15:44:51
  • Status: offline
2020/03/26 06:15:11 (permalink)
0

Remote SSL VPN network is the same with the central Server network

Hi All,
 
I have the following dilemma where the remote site is the same IP range as the head office site.
I am configuring SSL VPN to access from the remote site. 
 
Is there away to configure without change the central office IP range?
 
I tried to follow the old kb but it did not work. 
 
I am using Fortios 6.2.3
 
Dom
 
#1
Toshi Esumi
Expert Member
  • Total Posts : 2031
  • Scores: 186
  • Reward points: 0
  • Joined: 2014/11/06 09:56:42
  • Status: offline
Re: Remote SSL VPN network is the same with the central Server network 2020/03/26 10:41:24 (permalink)
0
I'm assuming you're using tunnel mode with FortiClient. Then the problem happens on the client side since it sees the destination is on the local network. I haven't done this but I would think it would work if you assign a different subnet for the servers then set 1-to-1 VIP (you might need SNAT w/ ippool as well if the sever side needs to initiate sessions toward the client) with the real IPs, then apply them to the policy from ssl.root to the server interface.
#2
Jump to:
© 2020 APG vNext Commercial Version 5.5