# Diag debug resetSimilar output as below will appear.
# Diag debug flow filter saddr 10.1.1.1
# Diag debug flow filter daddr 192.168.1.1
# Diag debug flow filter proto 1
# Diag debug flow trace start 1000
# Diag debug enable
id=20085 trace_id=66 func=print_pkt_detail line=4489 msg="vd-root received a packet(proto=1, 10.1.1.1:1->192.168.1.1:8) from IPSEC.b. code=8, type=0, id=1, seq=1154."Add the route by below commands.
id=20085 trace_id=66 func=init_ip_session_common line=4645 msg="allocate a new session-00007dbc"
id=20085 trace_id=66 func=ip_route_input_slow line=1274 msg="reverse path check fail, drop"
id=20085 trace_id=66 func=ip_session_handle_no_dst line=4712 msg="trace"
id=20085 trace_id=67 func=print_pkt_detail line=4489 msg="vd-root received a packet(proto=1, 10.139.64.100:1->192.168.1.1:8) from IPSEC.b. code=8, type=0, id=1, seq=1155."
# config router staticCommand to verify the routes.
edit 0
set dst 10.1.1.0 255.255.255.0
set device "IPSEC.b"
next
End
# Get router info routing-table details 10.1.1.1Once the route is added, also verify the below:
Routing table for VRF=0
Routing entry for 10.1.1.0/24
Known via "static", distance 10, metric 0, best
* 10.1.1.4, via IPSEC.B
Related Articles
Technical Note: How to access remote resource via IPsec for SSL VPN user
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.