Joe Freeman <[email protected]> writes: > Now I'm having trouble getting traffic across it. I've got a policy in the > FG that allows any/any between the internal interface and the tunnel (both > ways). Traffic counters aren't incrementing on either policy. I've also > checked my static routes that send traffic to the tunnel on both sides.
Since it is a 0.0.0.0/0 tunnel both src and dst, a plain ping from the Fortigate should at least go through the tunnel. Personally I would try "diagnose sniffer packet tunnelinterface" on the Fortigate while at the same time doing "execute ping" something that hits the static route. If that does not show any traffic, the problem has to involve routing somehow. /Benny _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
