Reach Forti Client VPN from MX Client

meraki-newbie
Getting noticed

Reach Forti Client VPN from MX Client

I have deploy this topology, the purpose is MX Client Segment could reach Forti Client VPN segment, static route MX<>FORTI has been configured for both direction. MX client Segment could ping 192.168.255.1 (on Forti Side), but it couldn't reach any forti client vpn on 192.168.65.0/24 ... i thought is enough to use static route only, should i config certain rule on both MX & Forti ?

 

merakinewbie_0-1714452375085.png

Regards

1 Reply 1
Brash
Kind of a big deal
Kind of a big deal

If you don't already have one, you need a static route on the MX for 192.168.65.0/24 with next hop of 192.168.255.1.
You'll also need a static route on the Fortinet for 10.10.10.0/24 with next hop of 192.168.255.2.

Assuming you have that, you'll then need to look at the firewall rules on the Fortinet and MX to ensure they're configured correctly.
Given you've got 2 security appliances there, I'd use the packet capture functionality on them to see where the packets are getting stuck.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels