absolut0128
New Contributor

Sending all local traffic over L2L IPSEC VPN tunnel to hub

I'm somewhat new to IPSEC VPNs on FortiGate, and am having some trouble figuring out how to send all local traffic (including from the FortiGate itself) over the tunnel to the hub site. Our security policy dictates that we don't do any split tunneling, which includes traffic originating from the firewall, switch, and APs at the site talking to Fortinet. We have no issue with user traffic, which is working perfectly, but traffic that originates from the secure fabric is not going across the tunnel for licensing and registration and such.

I'm sure it's something simple...

spoojary
Staff

Check the doc below: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-IPsec-VPNs-tunnels/ta-p/195955

You can also check: https://docs.fortinet.com/document/fortigate/7.2.4/administration-guide/520377
Here you can choose your config and go ahead and check whether the config was correctly added or not.

To force all local traffic, including traffic originating from the FortiGate itself, to go over the IPsec VPN tunnel, you'll need to set up a specific policy and routing configuration.

 

Siddhanth Poojary
knagaraju
Staff

Hello Absolut0128,

May I know if the FortiGate is in HA or standalone?

Could you please refer to the link below:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Self-originating-traffic-over-IPSec-VPN-Fo...


Regards,
Nagaraju.
