Skip to main content
Karim_namat
Karim_namat
Explorer
November 26, 2024
Question

Fortigate VM IPSEC ISSUE

  • November 26, 2024
  • 3 replies
  • 2513 views

Hello All,

 

Hope you are all doing well, I'm facing an issue today while working on IPSEC on Fortigate VM,

 

 

When I try to create a IPSec VPN tunnel using the wizard this error show up " 61: Input not as expected." as a workaround I create it mannuly to avoid this error but on the Phase2 of VPN Tunnel the fortigate keep loading with out saving the configuration ( screen attached )

 

+The OS info : v7.6.0 build3401

+ Config : 2CPU, 2GB RAM

 

Do you have any recommandation on that ?

 

Regards,

Karim

ERROR.png

GUI.png

3 replies

jo_rang
Staff
jo_rang
Staff
November 26, 2024

Hi,

 

Try to create the VPN via CLI:

 

Phase 1:

 

config vpn ipsec phase1-interface

 

edit "IPSEC"
set interface "wan1"
set peertype any
set net-device disable
set proposal aes128-sha256 aes256-sha256 aes128-sha1 aes256-sha1
set remote-gw 10.9.10.27
set psksecret **********
next
end

 

 

Phase2

config vpn ipsec phase2-interface

edit "IPSEC"
set phase1name "10.9.10.27"
set proposal aes128-sha1 aes256-sha1 aes128-sha256 aes256-sha256 aes128gcm aes256gcm chacha20poly1305
set src-addr-type name
set dst-addr-type name
set src-name "IPSEC_local"
set dst-name "IPSEC_remote"
next
end

Karim_namat
Karim_namatAuthor
Explorer
November 27, 2024

Hi @jo_rang 

If you setup it via CLI as a custom via GUI it will work but no logs will be shown on implicit deny for troubleshoot purpose unfortunately.

image.png

sjoshi
Staff
sjoshi
Staff
November 27, 2024

Hi @Karim_namat.

 

Please try to collect FGT GUI output while creating the IPSEC.

 

Related article:

Troubleshooting Tip: Collect GUI slowness and errors debugs via FortiGate Support Tool

Thanks, Salon
    Karim_namat
    Karim_namatAuthor
    Explorer
    November 27, 2024

    Hello @sjoshi

     

    I believe this is related to the current iOS version, even the wizard has a new view, i will test with old version and keep you updated

     

     

    sjoshi
    Staff
    sjoshi
    Staff
    November 27, 2024

    sure

    Thanks, Salon
      johnlloyd_13
      johnlloyd_13
      Explorer III
      November 27, 2024

      hi,

      can you use/provision FG VM 7.4 instead to see whether it's OS/bug related?

        Karim_namat
        Karim_namatAuthor
        Explorer
        November 27, 2024

        Hi @johnlloyd_13 

         

        This must be tested since i'm using free trial i'm only allowed to use one VM peer account, i will test that as well

         

        Thank you 

         

        Karim

        Terms & ConditionsAccessibility statement