Announcement

Collapse
No announcement yet.

Fortigate VPN passthrough to sbs08

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Fortigate VPN passthrough to sbs08

    Hi!

    I’ve been stuck on a vpn-problem for quite some time now and my company needs to get this starting as soon as possible. We are running a sbs08 behind a Fortigate 50b. I’ve configured the sbs for vpn and I can connect to it from within the network (internal ip). The Fortigate is configured as follows:


    - - Virtual IP to the internal server with port forwarding to 1723
    - - Created firewall address with an available ip range (external interface)
    - - Added firewall policy from the wan-interface with the created range to the lan-interface to the sbs. Service of course PPTP and accepted.


    I followed the vpn manual from fortigate. Due to the petri policy I can't post the link yet.

    I can’t even ping the 1723 from outside.


    Could someone please help me out? I have tried everything I could think of, but nothing works.

    Thanks so much in advance!

    Edit: I get error 807 when trying to connect.

  • #2
    Re: Fortigate VPN passthrough to sbs08

    Along with tcp port 1723 you also need to allow protocol 47 (GRE) to pass through as well.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: Fortigate VPN passthrough to sbs08

      Thanks for the quick reply!

      I added gre to the vpn group (including PPTP, IKE, L2TP and now GRE).
      Still nothing though...

      Comment


      • #4
        Re: Fortigate VPN passthrough to sbs08

        I added gre to the vpn group (including PPTP, IKE, L2TP and now GRE).

        Did you allow GRE through the firewall though?
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: Fortigate VPN passthrough to sbs08

          Yes, there is a rule for both the PPTP-range to the server and a direct policy from wan to the server. These rules include the above services.

          Comment


          • #6
            Re: Fortigate VPN passthrough to sbs08

            I would check the logs on both the firewall and server. It may be worth while looking at the documentation for that firewall as well.
            CCNA, CCNA-Security, CCNP
            CCIE Security (In Progress)

            Comment

            Working...
            X