I've two Fortigate's here and I use one of them for each site.
Site A Site B 192.168.2.0/24 <---------- VPN --------> 192.168.10.0/24
The employees connect via PPTP to Site A and can just access this site, but not site b.
The Ipsec tunnel between site a and site b is working fine and I'm also able to establish a VPN connection from any PPTP client to site A, but I can't reach Site B.
config firewall policy
edit 5
set srcintf "internal"
set dstintf "wan1"
set srcaddr "Local_LAN"
set dstaddr "Remote_LAN"
set action ipsec
set schedule "always"
set service "ANY"
set inbound enable
set outbound enable
set vpntunnel "tunnel"
next
edit 1
set srcintf "internal"
set dstintf "wan1"
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "ANY"
set nat enable
next
edit 50
set srcintf "wan1"
set dstintf "internal"
set srcaddr "PPTP"
set dstaddr "all"
set action accept
set schedule "always"
set service "ANY"
set nat enable
next
edit 4
set srcintf "wan1"
set dstintf "wan1"
set srcaddr "PPTP"
set dstaddr "all"
set action accept
set schedule "always"
set service "ANY"
set nat enable
next
end
Does anyone know which policy need to set, so that I can reach it? Thanks
Update:
192.168.2.1(Site a router) to 192.168.10.1(site b router) traceroute
traceroute to 192.168.10.1 (192.168.10.1), 32 hops max, 72 byte packets
1 192.168.10.1 33.596 ms 33.415 ms 32.957 ms
PPTP client to site b router traceroute
traceroute to 192.168.10.1 (192.168.10.1), 64 hops max, 52 byte packets
1 192.168.2.160 (192.168.2.160) 37.521 ms 33.914 ms 33.654 ms
2 h254.s98.ts.hinet.net (168.95.98.254) 58.420 ms 50.837 ms 49.903 ms
3 tp-s2-c6r11.router.hinet.net (168.95.82.46) 49.852 ms 50.701 ms 51.416 ms
4 tpdt-3011.hinet.net (220.128.3.114) 54.643 ms 56.940 ms 58.699 ms
5 tpdb-3101.hinet.net (220.128.14.241) 51.098 ms 52.266 ms 50.028 ms
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
