HughOD
New Member
February 26, 2018
Question

Changed ISPs, can't get VPN to come back up


On a FortiWiFi 90D, we changed our ISP and now we can't get our IPSec VPN with our phone vendor back up. Nothing else has changed.

 

We changed:

  • System...Network...Interfaces... wan2
      • IP/Network Mask from old IP to 67.x.x.158/255.255.255.252
  • Router...Static...Static Routes on Device wan2
      • Gateway from old IP to 67.x.x.157
  • VPN...IPSec...Tunnels.."Our Tunnel"
      • Phase 1 Proposal... Local ID to our new WAN IP address

I can't think of anything else that would need to change, however, we keep getting the following error in the Event Log:

    Log Description:  IPsec phase 1 error
    Message:  IPsec phase 1
    Outgoing Interface:  wan2
    Peer Notification:  INVALID-ID-INFORMATION
    Reason:  peer notification
    Status:  negotiate_error

I've taken over this router (used to SonicWalls), so if you need more info for anything from CLI, please let me know.

Any ideas????

Thanks!


      EMES
      New Member
      February 26, 2018

      Try and put the old LocalID back in. The other side is expecting that ID and won't take the new one unless the other side is reconfigured. Was anything at the phone vendor reconfigured? Usually with an ISP change you need to reconfigure all remote sides of a tunnel unless it's only using the localID for verification.

      rwpatterson
      New Member
      February 26, 2018

      Did you also change the peer IP on the remote unit? It needs to know where the other end has moved to.
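
The two checks the replies above describe (the remote unit's configured peer IP and the ID it expects), modelled as an added example that is not part of the original thread and is not FortiOS or vendor code. The responder policy, the configuration dictionaries and the addresses are assumptions constructed for illustration; the ID payload layout and the numeric constants follow RFC 2407 and RFC 2408.

```python
import ipaddress
import struct

ID_IPV4_ADDR, ID_FQDN = 1, 2      # IKEv1 identification types (RFC 2407)
INVALID_ID_INFORMATION = 18       # IKEv1 notify message type (RFC 2408)


def build_id_payload(id_type, value):
    """Encode an IKEv1 Identification payload as the initiator would send it."""
    data = ipaddress.IPv4Address(value).packed if id_type == ID_IPV4_ADDR else value.encode()
    # Generic header (next payload, reserved, length), then ID type, protocol ID, port.
    return struct.pack("!BBHBBH", 0, 0, 8 + len(data), id_type, 0, 0) + data


def parse_id_payload(payload):
    """Decode (id_type, value) from a decrypted ID payload, rejecting malformed input."""
    if len(payload) < 8:
        raise ValueError("ID payload shorter than its 8-byte header")
    _next, _rsvd, length, id_type, _proto, _port = struct.unpack("!BBHBBH", payload[:8])
    if length != len(payload):
        raise ValueError("length field does not match payload size")
    data = payload[8:]
    if id_type == ID_IPV4_ADDR:
        if len(data) != 4:
            raise ValueError("ID_IPV4_ADDR must carry exactly 4 bytes")
        return id_type, str(ipaddress.IPv4Address(data))
    return id_type, data.decode("ascii", "replace")


def responder_check(peer_cfg, src_ip, id_payload):
    """Hypothetical remote-side policy: match the gateway address, then the peer ID."""
    if src_ip != peer_cfg["remote_gw"]:
        return "no matching gateway"       # peer IP on the remote unit was never updated
    if parse_id_payload(id_payload) != peer_cfg["expected_id"]:
        return INVALID_ID_INFORMATION      # ID differs from what the remote side expects
    return "phase 1 continues"


# Constructed addresses from documentation ranges, not the ones in the post.
OLD_WAN, NEW_WAN = "198.51.100.10", "203.0.113.158"
vendor_stale = {"remote_gw": OLD_WAN, "expected_id": (ID_IPV4_ADDR, OLD_WAN)}
vendor_ip_only = {"remote_gw": NEW_WAN, "expected_id": (ID_IPV4_ADDR, OLD_WAN)}
vendor_updated = {"remote_gw": NEW_WAN, "expected_id": (ID_IPV4_ADDR, NEW_WAN)}

if __name__ == "__main__":
    new_id = build_id_payload(ID_IPV4_ADDR, NEW_WAN)
    old_id = build_id_payload(ID_IPV4_ADDR, OLD_WAN)
    for name, cfg in [("stale", vendor_stale), ("ip only", vendor_ip_only), ("updated", vendor_updated)]:
        print(name, responder_check(cfg, NEW_WAN, new_id), responder_check(cfg, NEW_WAN, old_id))
```

In this model, a remote side that still expects the old ID answers the new Local ID with notify type 18, while sending the old ID from the new address is accepted once the remote side's peer IP points at the new address.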