Netgate Discussion Forum

    IPSec Fortigate to pfSense Routing issue

    • stumpi

      This is my first pfSense setup and I have a strange (for me) problem with the traffic from the Fortigate site to the pfSense site.

      I set up a site-to-site tunnel via IPsec; the tunnel is up and I can ping from a client behind the pfSense to a client behind the Fortigate. If I ping from behind the Fortigate to a client behind the pfSense, I do not get an answer. A tcpdump at the client behind the pfSense shows that the ping arrives but is coming from the IP 192.168.31.9, but I don't have any network with this IP. Is the pfSense doing any "conversion" with the IP addresses? The original source (net behind Fortigate) is 192.168.18. I have no idea where the 192.168.31.9 is coming from.
      Does anybody have some suggestions?

      • stumpi

        Solved,
        the cause was a wrongly configured policy at the Fortigate. In the policies for (incoming/outgoing) traffic the "NAT" switch was enabled. Why the Fortigate chose the IP address of the DMZ interface instead of the IP of the WAN interface is a mystery to me. So I was wrong when I said I don't have a network with the IP 192.168.31.9. This IP was configured for an older test scenario but not used anymore, and even the interface was not connected.

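The tcpdump check described in this thread can be automated. The following is an added example, not part of the original posts: it reads `tcpdump -n icmp` output taken on a host behind pfSense and reports echo requests whose source lies outside the tunnel's remote network, the symptom of source NAT on the far-end policy. All addresses are constructed (RFC 5737 documentation ranges), and the function name and sample capture are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed values (RFC 5737 documentation ranges), not taken from the thread.
LOCAL_NET = ipaddress.ip_network("192.0.2.0/24")          # LAN behind pfSense
REMOTE_NETS = [ipaddress.ip_network("198.51.100.0/24")]   # remote phase 2 network

# Constructed `tcpdump -n icmp` output from the host behind pfSense.
SAMPLE_CAPTURE = """\
12:00:01.000101 IP 203.0.113.9 > 192.0.2.10: ICMP echo request, id 7, seq 1, length 64
12:00:01.000188 IP 192.0.2.10 > 203.0.113.9: ICMP echo reply, id 7, seq 1, length 64
12:00:02.001040 IP 203.0.113.9 > 192.0.2.10: ICMP echo request, id 7, seq 2, length 64
12:00:05.120000 IP 198.51.100.20 > 192.0.2.10: ICMP echo request, id 9, seq 1, length 64
12:00:06.000000 ARP, Request who-has 192.0.2.1 tell 192.0.2.10, length 28
"""

LINE_RE = re.compile(
    r"^\S+ IP (\d+\.\d+\.\d+\.\d+) > (\d+\.\d+\.\d+\.\d+): ICMP echo request"
)


def unexpected_sources(capture, local_net=LOCAL_NET, remote_nets=REMOTE_NETS):
    """Count inbound echo requests whose source is outside the remote networks."""
    hits = Counter()
    for line in capture.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # echo replies, ARP and other lines are ignored
        src, dst = (ipaddress.ip_address(a) for a in m.groups())
        if dst not in local_net:
            continue  # only traffic arriving at the local LAN matters here
        if src in local_net:
            continue  # local-to-local pings never crossed the tunnel
        if not any(src in net for net in remote_nets):
            hits[str(src)] += 1  # source was rewritten somewhere upstream
    return dict(hits)


if __name__ == "__main__":
    for src, count in unexpected_sources(SAMPLE_CAPTURE).items():
        print(f"{count} echo request(s) from {src}: outside the remote phase 2 "
              "network, check the far-end policy for source NAT")
```

A non-empty result means replies are addressed to a source the tunnel's traffic selectors do not cover, which matches the one-way ping seen above.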