Traffic not routing through IPsec Tunnel

New to PL… and having issues. I’ve established an IPsec tunnel between my PL and FortiGate. Tunnel is up, however I cannot pass traffic through the tunnel. This tells me it’s either a routing or firewall policy/ACL based issue.

On the FGT side I’ve run a PCAP on the tunnel interface and I’m seeing no traffic hit the tunnel, despite being on the PL side trying to access my server.

FGT has all the requisite policies to allow the traffic. I see bytes on the firewall policy after trying to send packets through the tunnel, so I know the FGT is routing the traffic to/through the tunnel.

PL has the default “allow all”… even added granular policies from local to remote and remote to local defining the same subnets from my P2 proposals.

What am I missing? I’m not seeing anything logged on the PL side in the event logs (enabled event logging on both outbound and inbound firewall policies).

Hi…
By default… Peplink routes the IP range to the IPsec tunnel… Have you tried, at the Peplink, doing a ping from the Peplink to the PA device?


Have you tried changing the IPSec type to Route-based? Then you can use outbound policy rules to send whatever traffic you want across the tunnel.


Tried pinging from client devices behind the peplink to multiple devices behind the FortiGate. Nothing is hitting the FortiGate side.

Yes, I’ve tried changing to route-based and added an outbound policy for source network to destination network, enforced / IPsec tunnel. IPsec tunnel still up showing a green box and 10.100.1.0/24 ↔ 10.10.0.0/16.

No traffic is passing through the tunnel.

But…
Have you tried going directly from the PA device to the Peplink device?
Not from the PC connected at the PA or at the Peplink.

Peplink > Dashboard > System > Ping ?
