------------------- SITE A ---------------------
config vpn ipsec phase1-interface    
    
    edit "gw_KP_WAN1xWAN1"

        set interface "wan1"

        set peertype any

        set proposal 3des-sha1 3des-md5

        set localid "MAPLANTAVLN"

        set dhgrp 2

        set remote-gw x.x.x.x

        set psksecret ENC 2my5F/g1bSEa8FdFoTiN/4muEL8Q3DztkNSJZPIp+6gB3SO88j39hdQcxYwCES10cHbB0bQFNMA20c4uUi2AVfcWlY74+ZYB/tCDAUxt5gFjsGZkglIDTm/6Ewf107zDeuSQtwxmMEZftJFJTgW+PDHXgBvLFKNV8HJBhrqzqaZ3V6JDG9+3219052oR44bqwdU0qXpdIRZg==

    next

    edit "gw_KP_WAN1xWAN2"

        set interface "wan1"

        set peertype any

        set proposal 3des-sha1 3des-md5

        set localid "MAPLANTAVLN"

        set dhgrp 2

        set remote-gw x.x.x.x

        set psksecret ENC 2my5F/g1bSEa8FdFoTiN/4muEL8Q3DztkNSJZPIp+6gB3SO88j39hdQcxYwCES10cHbB0bQFNMA20c4uUi2AVfcWlY74+ZYB/tCDAUxt5gFjsGZkglIDTm/6Ewf107zDeuSQtwxmMEZftJFJTgW+PDHXgBvLFKNV8HJBhrqzqaZ3V6JDG9+3219052oR44bqwdU0qXpdIRZg==

    next

end

config vpn ipsec phase2-interface

    edit "NetMAVLNxWAN1_to_KP"

        set phase1name "gw_KP_WAN1xWAN1"

        set proposal 3des-sha1 3des-md5

        set dhgrp 2

        set auto-negotiate enable

        set src-addr-type name

        set dst-addr-type name

        set src-name "MA_NETWORKS_OSPF"

        set dst-name "KP_NETWORKS_OSPF"

    next

    edit "NetMAVLNxWAN1_to_KPxWAN2"

        set phase1name "gw_KP_WAN1xWAN2"

        set proposal 3des-sha1 3des-md5

        set dhgrp 2

        set auto-negotiate enable

        set src-addr-type name

        set dst-addr-type name

        set src-name "MA_NETWORKS_OSPF"

        set dst-name "KP_NETWORKS_OSPF"

    next

end
--------------------- SITE C ------------------------------
config vpn ipsec phase1-interface

    edit "gw_MA_WAN1xVLN1"

        set interface "wan1"

        set keylife 28800

        set peertype any

        set proposal 3des-sha1 3des-md5

        set localid "FGT110C-KP"

        set negotiate-timeout 15

        set npu-offload disable

        set dhgrp 2

        set remote-gw x.x.x.x

        set psksecret ENC 1w/OjYmOpEKl0rgGSGGGHc64G5ugZPdQTaJt5JVixmNks2AUTIkvEGzZwvn7ZjJ4xnH0W9w1mCxvLlGVeuiLEWESfuZyZyiqX4h1gh/3rxzlMQscZ03ww2ql2K35Wq1J9WKTAIuwq8ZNSAjCXKLzgmZgSQgiJsPh9/m+Z/c3T8zoiNpeTNPvScGMVVUnKZpEBgpfow==

    next

    edit "gw_MA_WAN2xVLN1"

        set interface "wan2"

        set keylife 28800

        set peertype any

        set proposal 3des-sha1 3des-md5

        set localid "FGT110C-KP"

        set negotiate-timeout 15

        set npu-offload disable

        set dhgrp 2

        set remote-gw x.x.x.x

        set psksecret ENC nLjzVjyFAVLV0vEYn6YJKAY6t302aP38YNISX3hH5AYyAB1te1xuok5K40tC5w90+BCLefUUPDXQworqdyHoP4ye3Ju9RZb1H8GwFfF3/WxFOT48jwPtSfUCfRn5F0q0V+FX1lftS++DhRLVbpFJqVOpq+kYAbZMOb3AcZb5RBUzVCJxSFkfQo3WVnIbTccqvF2oEA==

    next

end

config vpn ipsec phase2-interface

    edit "NetKPWAN1to_MAVLNxWAN1"

        set phase1name "gw_MA_WAN1xVLN1"

        set proposal 3des-sha1 3des-md5

        set dhgrp 2

        set keepalive enable

        set src-addr-type name

        set dst-addr-type name

        set keylifeseconds 1800

        set src-name "KP_NETWORKS_OSPF"

        set dst-name "MA_NETWORKS_OSPF"

    next

    edit "NetKPWAN2to_MAVLNxWAN1"

        set phase1name "gw_MA_WAN2xVLN1"

        set proposal 3des-sha1 3des-md5

        set dhgrp 2

        set keepalive enable

        set src-addr-type name

        set dst-addr-type name

        set keylifeseconds 1800

        set src-name "KP_NETWORKS_OSPF"

        set dst-name "MA_NETWORKS_OSPF"

    next

end

on diag debug ike -1 the tunnel is working (with a static route)