Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Fortigate 50B Remote Client VPN Setup

Posted on 2010-09-09
6
Medium Priority
?
2,803 Views
Last Modified: 2012-05-10
I am trying to setup a remote user VPN, and no matter what i do, the clients can connect but they cannot the internal network when doing so. I created phase1/phase 2, and assigned a DHCP of 192.168.4.x to remote users, and my internal lan subnet is 192.168.5.x. They are authenticated but cannot reach anything in the 5.x subnet. I created a firewall policy to allow traffic from the WAN to the Internal LAN, and also from 192.168.4.x to 192.168.5.x, not sure what else to do at this point
0
Comment
Question by:Cobra25
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 5

Expert Comment

by:2Cs
ID: 33644858
No familiar with Fortigate but you need a network translation rule to say that 192.168.4.xxx are on the same network as 192.168.5.xxx.

What rule have you created? What ports, protocols, etc. does it allow?

Al
0
 
LVL 5

Expert Comment

by:2Cs
ID: 33644859
*network address translation (NAT)
0
 
LVL 4

Expert Comment

by:iworks-uworks
ID: 33648399
Are you trying to complete a site-to-site VPN? Or a user dial-up VPN?
Can you post a screen shot of your policy setup?
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 4

Author Comment

by:Cobra25
ID: 33648406
Its a user dial up VPN.

I got it working, by turning off the IP-Sec VPN.
0
 
LVL 4

Accepted Solution

by:
Whiterat earned 1500 total points
ID: 33651337
As far as I recall, Dialup IPSEC tunnels are created as a separate interface/zone.

i.e if the Phase1 of the dialup tunnel is called "DIALUP" then you must make a policy from the interface "DIALUP to LAN and vice versa.
0
 
LVL 4

Author Closing Comment

by:Cobra25
ID: 33666816
Sounds about right
0

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Desktop Shadowing often has a lot of benefits. When helping end users determine problems, it is much easier to see what is going on, what is being slecected and what is being clicked on. While the industry has many products to help with this,…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question