IPSec negotiation failure

I have a probleme with negotiation

SuperUser

If (IF) this is truly a phase2 error, then it might be

- mismatching QM selectors (a.k.a. "protected domains")

- PFS setting mismatch

- if this is a dial-in tunnel: failure to assign client IP address

New Member

Hello,

Thanks for your feedback. The problem still exists, today in the morning the tunnel is down but after an hour it is up.

New Member

is DPD enable?

what's the other end ? ( fgt panw csco forcepoint jnpr )

if you "vpn ike gateway clear" does that speed up the recover ?

Ken Felix

New Member

The remote device is FortiGate.

The recover speedly

Sign up