Fortigate 50B Remote Client VPN Setup

I am trying to set up a remote user VPN, and no matter what I do, the clients can connect but they cannot reach the internal network when doing so. I created phase 1/phase 2, and assigned a DHCP of 192.168.4.x to remote users, and my internal LAN subnet is 192.168.5.x. They are authenticated but cannot reach anything in the 5.x subnet. I created a firewall policy to allow traffic from the WAN to the Internal LAN, and also from 192.168.4.x to 192.168.5.x; not sure what else to do at this point.
Cobra25 Asked:
 
Whiterat Commented:
As far as I recall, Dialup IPSEC tunnels are created as a separate interface/zone.

i.e., if the Phase1 of the dialup tunnel is called "DIALUP", then you must make a policy from the interface "DIALUP" to LAN and vice versa.
0
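The policy pair described in the answer above, written as FortiOS CLI configuration; this is an added example, not part of the original thread. The interface name `internal`, the /24 masks, the address object names and `service "ANY"` (FortiOS 4.x naming) are assumptions; `DIALUP` is the phase 1 name used in the answer, and it exists as an interface only when phase 1 is configured in interface mode. Lines starting with `#` are annotations, not commands.

```fortios
# Address objects for the two subnets named in the question
# (the /24 masks are an assumption).
config firewall address
    edit "vpn-clients"
        set subnet 192.168.4.0 255.255.255.0
    next
    edit "lan-subnet"
        set subnet 192.168.5.0 255.255.255.0
    next
end

config firewall policy
    # Remote clients -> LAN. The source interface is the phase 1
    # tunnel interface, not the WAN port: decrypted client traffic
    # arrives on "DIALUP", so a WAN -> internal policy never matches it.
    edit 0
        set srcintf "DIALUP"
        set dstintf "internal"
        set srcaddr "vpn-clients"
        set dstaddr "lan-subnet"
        set action accept
        set schedule "always"
        set service "ANY"
    next
    # LAN -> remote clients (the "vice versa" direction).
    edit 0
        set srcintf "internal"
        set dstintf "DIALUP"
        set srcaddr "lan-subnet"
        set dstaddr "vpn-clients"
        set action accept
        set schedule "always"
        set service "ANY"
    next
end
```

Scoping `srcaddr` and `dstaddr` to the two subnets instead of `all` keeps the tunnel from reaching more than the LAN it is meant for. With these policies in place, a broad WAN-to-internal accept policy is not needed for the VPN traffic.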
 
2Cs Commented:
Not familiar with Fortigate, but you need a network translation rule to say that 192.168.4.xxx are on the same network as 192.168.5.xxx.

What rule have you created? What ports, protocols, etc. does it allow?

Al
0
 
2Cs Commented:
*network address translation (NAT)
0

 
iworks-uworks Commented:
Are you trying to complete a site-to-site VPN? Or a user dial-up VPN?
Can you post a screenshot of your policy setup?
0
 
Cobra25 (Author) Commented:
It's a user dial-up VPN.

I got it working by turning off the IP-Sec VPN.
0
 
Cobra25 (Author) Commented:
Sounds about right
0
Question has a verified solution.
