6/28/2023

Fortigate debug ipsec

Well, after banging my head around this for damn near three weeks, reading tons of documentation and doing endless debugs, I'm calling it quits and turning to those that are hopefully way smarter than me! (aka you guys in the SpiceWorks-community!)

Here's the deal: I've got a customer where we just set up a new Fortigate 60D running FortiOS 5.2.2. We've set up a Site-to-Site IPSec VPN between their two offices, and that works without a hitch. But the customer needs to access their internal LAN from iPads, which is where the problems start.

Regardless of what I do in terms of config (using either the wizard, the CLI or a manual setup through the WebUI), I get an IPSec phase 1-error in the log on the Fortigate stating peer SA proposal not match local policy site when I try to connect to it. But, and here's the kicker, that very same config works like a charm on a different Fortigate-unit (a Fortigate 40C, also running 5.2.2). In both cases I use the built-in Cisco IPSec-client that iOS has.

I've also checked, rechecked and then rechecked again the Phase 1-settings on both the nonworking and working firewalls, and they are exactly the same. I've attached a dump of the Phase 1 and Phase 2-settings used in both cases, as well as the error I get in the logs on the 60D.