Routing traffic VPN user to - site to site IPSec VPN - Azure Network | Fortinet Technical Discussion Forums

Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes
- Member List
- Online User List
- User Groups

Videos, Docs Library, KB
Fuse
- Fuse Fortinet User Community

Mark Thread UnreadFlat Reading Mode ❐

Hot!Routing traffic VPN user to - site to site IPSec VPN - Azure Network

Author Post Essentials Only Full Version
walvarez New Member Total Posts : 4 Scores: 0 Reward points: 0 Joined: 2020/10/18 19:34:57 Status: offline 2020/10/18 23:51:03 (permalink) 0 Routing traffic VPN user to - site to site IPSec VPN - Azure Network Hello guys, I have configured an ipsec vpn between my fortinet and azure, and everything works ok, the traffic passes without problem. Additionally, I have configured an ipsec vpn with a forticlient user towards my fortinet and it connects well to my internal fortinet lan network. Now I want to make my user's traffic reach Azure, how can I do this? Can you give me the configuration guide? How to - Setup. ipsec vpn user ----- Fortigate 100e ---------- Azure Network 192.168.30.0/24 192.168.100.0/24 10.0.1.0/24 <---traffic ok-----> <---traffic ok-----> 30.0 \|<----------------------traffic failed------------------------->\|1.0 Thanks for your reply #1 3 Replies Related Threads
boneyard Gold Member Total Posts : 379 Scores: 16 Reward points: 0 Joined: 2014/07/30 11:15:18 Status: offline Re: Routing traffic VPN user to - site to site IPSec VPN - Azure Network 2020/10/19 08:45:11 (permalink) 0 i doubt there will be a guide or such specific enough for this. some things to consider - do you do full tunnel or split on the SSLVPN? - are there firewall rules allowing SSLVPN traffic to the Azure VPN? - does Azure VPN know the route back to .30.? #2
walvarez New Member Total Posts : 4 Scores: 0 Reward points: 0 Joined: 2020/10/18 19:34:57 Status: offline Re: Routing traffic VPN user to - site to site IPSec VPN - Azure Network 2020/11/25 20:06:45 (permalink) 0 Hi Boneyard, thanks for you reply. do you do full tunnel or split on the SSLVPN? It is not an ssl tunnel, it is an ipsec tunnel created by VPN wizard - are there firewall rules allowing SSLVPN traffic to the Azure VPN? Yes, there are rules allowing traffic to the azure vpn - does Azure VPN know the route back to .30.? Yes, on the azure is created the network 30.0 too. traffic still not flowing between 30.0 and 1.0. Attached image of rules in the fortigate. Thanks for your help. Attached Image(s) #3
isamt Bronze Member Total Posts : 48 Scores: 2 Reward points: 0 Joined: 2017/12/29 01:52:35 Status: offline Re: Routing traffic VPN user to - site to site IPSec VPN - Azure Network 2020/11/26 01:36:46 (permalink) 0 Using 192.168. addressing is probably not a good idea here as most vpn users will also be using this range at home. What you have is logically correct. Just a case of checking that the vpn user traffic for the Azure subnet actually is reaching the Fortigate. Then also checking that you see traffic from Azure coming back to the Fortigate for the vpn subnet. You can then easily see where the problem is, either Azure has no route back for the vpn subnet or the vpn client sending the traffic for Azure to their local network or the Forigate dropping the traffic. #4

Jump to:

© 2021 APG vNext Commercial Version 5.5