Community discussions

MikroTik App
 
awstest
just joined
Topic Author
Posts: 6
Joined: Fri May 03, 2019 4:24 pm

IPSEC between Mikrotik and Fortigate problem

Thu Jun 23, 2022 4:16 pm

We have an issue with the connection between our Mikrotik and Fortigate on our partner site. Now the status is “established”, but we can ping from Mikrotik site Fortigate network. Our partner says that they can see some traffic and can able to ping our site.
Could you please help us to determinate a problem?
Also we crated NAT rule and allow all icmp, tcp and upd traffic:
/ip firewall nat
add action=accept chain=srcnat src-address =Mikrotik dst-address-list=FortiGate

Also we have destination NAT rules for IPsec traffic that are forwarding the IPsec traffic to a local IP address - xxx.xxx.xx.xx. It's our internal VPN Server. It might be blocking traffic and redirecting it to an internal server. But we also have one more VPN Tunnel with same settings and it working fine 2 years. So, NAT rule does not prevent him from. Please help
 
User avatar
StubArea51
Trainer
Trainer
Posts: 1739
Joined: Fri Aug 10, 2012 6:46 am
Location: stubarea51.net
Contact:

Re: IPSEC between Mikrotik and Fortigate problem

Thu Jun 23, 2022 4:35 pm

It's not clear exactly what isn't working.

Can you post the relevant IPSEC, NAT configs and platforms w/ software versions
 
awstest
just joined
Topic Author
Posts: 6
Joined: Fri May 03, 2019 4:24 pm

Re: IPSEC between Mikrotik and Fortigate problem

Thu Jun 23, 2022 4:53 pm

The problem is that the Mikrotik network is not pinging the Fortigate network. Everything works with Fortigate, though.
The connection is established and the traffic goes to the wrong place. Maybe there is a rule missing. See the IPSec settings in the attachment.
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: GoogleOther [Bot], Luanscps and 64 guests