4. IPSec Fortigate to pfSense Routing issue

IPSec Fortigate to pfSense Routing issue

  • S

    This is my first pfSense Setup an i have a strange (for me) problem with the traffic from the fortigate site to the pfSense site.

    I set up a site-to-site tunnel via ipsec, the tunnel is up and i can ping from a client behind the pfSense to a client behind the Fortigate. If i ping from behind the Fortigate to a client behind the pfSense i do not get an answer. A tcpdump at the client behind the pfSense shows that the ping arrives but is coming from the ip 192.168.31.9, but i dont have any network with this ip. Is the psSense doing any "conversion" with the ip-adresses? The original source (net behind Fortigate) is 192.168.18. I have no idea where the 192.168.31.9 is comming from.
    Does anybody have some suggestions?

    0
  • S

    Solved,
    cause was a false configured policy at the Fortigate. In the policies for (incoming/outgoing) traffic the "NAT" switch was enabled. Why the fortigate choose the ip-adress of the DMZ interface instead the ip of the WAN interface is a mystery to me. So i was wrong when i said i don't have a Network with the IP 192.168.31.9. This IP was configured for an older test scenario but not used anymore and even the interface was not connected.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy