Hello all.
I'm facing a problem with VPN IPSEC.
On the LAN interface I've two addressing, primary and secondary, and I would put into the encryption domain of the phase 2, the secondary subnet.
It seems all fine; phase 2 goes UP, but the traffic doesn't pass through the tunnel. Routing is correct.
Instead, if I configure primary subnet, it works perfectly as expected.
Do you know why?
Check route&policy on both sides of the tunnel. Then run sniff to see which side is dropping and run "flow debug" on the dropping side.
Very strange!
After I wrote it worked.
I restarded the FGT and done againg the VPN configuration; I see the route for the secondary subnet, the phase 2 come up and the traffic passes.
Sorry and thx.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.