Strange routing problem, how to debug?
I have a Linux server that needs to connect to a remote machine via a site-to-site VPN, on a Fortigate.
My server: 10.10.10.10
Fortigate: 10.10.10.11
Remote machine: 111.111.111.111
VPN is a black box for me, especially the remote site, but there is access to the local Fortigate.
On my Linux box I added a route:
ip route add 111.111.111.111 via 10.10.10.11
ip route get 111.111.111.111
111.111.111.111 via 10.10.10.11 dev ens5 src 10.10.10.10 uid 0
    cache
But the remote server 111.111.111.111 cannot be reached.
Of course, I am not sure that the VPN and the routing on the other side are configured correctly. I at least want to convince myself that the packets reach the local Fortigate. But when I access 111.111.111.111 from 10.10.10.10, "diag sniffer packet" on the local Fortigate does not show them! What would that mean and how do I fix it? (ping between 10.10.10.10 and 10.10.10.11 is )
It turns out that in AWS, by default, a network interface performs a source/destination check:
"Each EC2 instance performs source/destination checks by default. This means that the instance must be the source or destination of any traffic it sends or receives."
After disabling the check on the Fortigate's network interface, everything worked.
https://docs.aws.amazon.com/vpc/latest/userguide/V...
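To check for this condition before it bites, here is an added example (not from the answer above) that cross-references the Linux route table with the output of `aws ec2 describe-network-interfaces` and flags any next-hop interface that still has SourceDestCheck enabled; the ENI and instance ids and the route lines are constructed sample data.

```python
import json

# Constructed sample shaped like `aws ec2 describe-network-interfaces` output.
# ENI ids and instance ids are placeholders, addresses match the question.
SAMPLE_ENIS = json.loads("""
{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0aaa", "PrivateIpAddress": "10.10.10.11",
   "SourceDestCheck": true, "Attachment": {"InstanceId": "i-fortigate"}},
  {"NetworkInterfaceId": "eni-0bbb", "PrivateIpAddress": "10.10.10.10",
   "SourceDestCheck": true, "Attachment": {"InstanceId": "i-server"}}
]}
""")

# Constructed sample of `ip route` on the Linux server (10.10.10.10).
SAMPLE_ROUTES = """\
default via 10.10.10.1 dev ens5
111.111.111.111 via 10.10.10.11 dev ens5
"""


def next_hops(routes):
    """Return the set of 'via' addresses in `ip route` output, i.e. every
    in-VPC host that is expected to forward traffic on our behalf."""
    hops = set()
    for line in routes.splitlines():
        parts = line.split()
        if "via" in parts:
            hops.add(parts[parts.index("via") + 1])
    return hops


def audit_source_dest_check(enis, routes):
    """Return (eni_id, private_ip) for interfaces used as a next hop but still
    subject to the AWS source/destination check. The hypervisor drops
    forwarded packets before they reach such an interface, which is why a
    packet capture on the appliance never sees them."""
    hops = next_hops(routes)
    return [(e["NetworkInterfaceId"], e["PrivateIpAddress"])
            for e in enis["NetworkInterfaces"]
            if e["PrivateIpAddress"] in hops and e.get("SourceDestCheck", True)]


def fix_commands(findings):
    """Real AWS CLI command that turns the check off for each flagged ENI."""
    return [f"aws ec2 modify-network-interface-attribute "
            f"--network-interface-id {eni} --no-source-dest-check"
            for eni, _ in findings]


if __name__ == "__main__":
    for cmd in fix_commands(audit_source_dest_check(SAMPLE_ENIS, SAMPLE_ROUTES)):
        print(cmd)
```

The server's own ENI (10.10.10.10) is correctly left alone: it only ever sends its own traffic, so the check should stay on there.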