IPsec + Entra SAML - multiple IPsec tunnel
I am looking for assistance getting a multiple IPsec tunnel configuration working on a single WAN IP.
Utilizing IKEv2 for Entra SAML authentication. I have two IPsec configurations; each is configured the same with the exception of PSK and Local ID. Forgot one other note: The second tunnel is configured to use IPv4 Split-Tunnel.
I can successfully connect to the "primary" one, or the employee one I set up first. As long as my PSK/Local ID and DHG/Encryption in my FortiClient are set correctly, it authenticates and connects. If I attempt to switch to the Vendor-intended tunnel and use that configuration, I get through Entra authentication and it hangs and fails to connect.
Details
120G running v7.4.8
Using FortiClient free v7.4.3.1790
Hoping someone can point me in the right direction of what I am missing. I was really expecting the Local ID to make this simple to configure.
I have tried changing Encryption & DH groups on the second tunnel phase1/2 (on top of different PSK/local ID) but that has not resolved the problem either.
Thank you
