I have a question about VPN settings on a Fortigate 60D.
- Two locations with separate local networks
- Location 1: Ubiquiti Unifi USG with public IP
- Location 2: Fortigate 60D with latest Firmware and public IP
- VPN is set up with a preshared key
- Static route (sending the remote subnet to the tunnel interface) and Firewall-Policies (from and to the local and the tunnel interface with the relevant subnets) created on the Fortinet
- Added the requested blackhole routes (RFC1918)
- No additional configuration on the USG
- Fortinet shows the tunnel as UP / No Errors in the Log
- The USG shows 0 Zone to Zone VPN's
- I can ping from the USG side to the Fortigate side
- I cannot ping from the Fortinet to the USG side
- IPSec Monitor does not show any traffic when I try to ping from the Fortinet side (I checked the Route and the Policies several times). It shows traffic when I ping from the USG side.
- Has anybody configured a working connection between Fortigate and USG?
- It looks like there is no traffic going to the tunnel. Do I need to add some additional config on the Fortigate besides the Tunnel, the route and the policies?
Thanks for your support!
> - I can not ping from the Fortinet to the USG side
Ping from Fortigate or a computer behind Fortigate?
Did you try #diag sniff packet any '' 4 a to identify if the packet was routed into the tunnel or not?