Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Cleyton_Agenil_da_Si
New Contributor

create VLAN subnet access route through site-to-site VPN

Hello, I'm having trouble getting access to the VLAN subnet of the branch company passed through the VPN tunnel I have a site-to-site VPN connection with 2 Fortigate 80E and 50E. Company HQ FGT 80E -> BRANCH FGT 50E I can access and ping perfectly between VPN networks through the tunnel. However, in the branch office I have a VLAN subnet configured in the 50E where the VoIP phones are. But I can't access this VLAN subnet originated from HQ FGT 80E through the tunnel. I believe my problem is with the route. I am grateful for the help.

1 REPLY 1
sw2090
Honored Contributor

yes client need s to have a route to the vlan subnet and FGT needs to have policy that allows this traffic.

 

Most easiest way if you use ipsec is enable mode config and split tunneling and set it to an addres group that contians all subnets you need to access from client. This will push the required routes to your clients.

Then you still need some policy to allow traffic..

 

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Labels
Top Kudoed Authors