CorneJvV
New Member
June 22, 2016
Question

No IPsec Tunnel Interface FortiGate 50B


Hello All

 

I need to create an IPsec tunnel from one of my client's FortiGate 50B to our FortiGate 1500D.

I have created the IPsec tunnel and it shows on both devices the tunnel is up.

 

However the 50B only supports FortiOS4 MR3 Patch 18.

The Phase 1 Tunnel interface does not appear on the lists of interfaces.

Only WAN1, WAN2, Internal and SSL.

No Phase 1 tunnel interface.

How do I route the necessary traffic through the tunnel and not out the default route?

    1 reply

    CorneJvV (Author)
    New Member
    June 22, 2016

    As mentioned earlier, no Phase 1 IPsec interface:

    Lluanda-fw~ (static) # edit 6
    new entry '6' added
    Luanda-fw~ (6) # set dst 192.168.156.0/24
    Luanda-fw~ (6) # set device
    <string>    please input string value
    internal (FG-INSIDE)    interface
    ssl.root ()     interface
    wan1 (FG-OUTSIDE)       interface
    wan2 (FG-DMZ)   interface
    Luanda-fw~ (6) # set device

    ----------------------------------------------------
    Luanda-fw~ # config firewall policy
    Luanda-fw~ (policy) # edit 3
    new entry '3' added
    Luanda-fw~ (3) # set srcintf internal
    Luanda-fw~ (3) # set srcaddr Angola.local
    Luanda-fw~ (3) # set dstintf
    <string>        please input string value
    any             match any interface in the virtual domain
    internal (FG-INSIDE)    interface
    ssl.root ()     interface
    wan1 (FG-OUTSIDE)       interface
    wan2 (FG-DMZ)   interface

    Luanda-fw~ (3) #

    CorneJvV (Author)
    New Member
    June 22, 2016

    What a mission.

    Completely overlooked the tick box for Enable IPsec Interface Mode in Phase 1.

     

    rwpatterson
    New Member
    June 22, 2016

    LOL! I was about to say that the older versions of code defaulted to policy based tunnels. Glad you found it.
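For reference, a CLI sketch of the interface-mode setup the thread ends on, added here as an example and not taken from either poster's configuration. The tunnel name `to-1500D`, the peer address `203.0.113.10`, the pre-shared key placeholder, the use of `wan1` as the outgoing interface and the address object `Remote-156-net` are assumptions; the destination subnet, route and policy IDs, and `Angola.local` come from the session above.

```fortios
# Phase 1 defined under phase1-interface (interface mode) rather than
# phase1 (policy-based). This is what creates the tunnel interface.
config vpn ipsec phase1-interface
    edit "to-1500D"
        set interface "wan1"
        set remote-gw 203.0.113.10
        set psksecret <pre-shared-key>
    next
end
config vpn ipsec phase2-interface
    edit "to-1500D-p2"
        set phase1name "to-1500D"
    next
end
# Address object for the remote subnet, so the policy is not "all".
config firewall address
    edit "Remote-156-net"
        set subnet 192.168.156.0 255.255.255.0
    next
end
# The tunnel name is now a valid value for "set device".
config router static
    edit 6
        set dst 192.168.156.0 255.255.255.0
        set device "to-1500D"
    next
end
# Ordinary accept policy; the tunnel name is now a valid "dstintf".
config firewall policy
    edit 3
        set srcintf "internal"
        set dstintf "to-1500D"
        set srcaddr "Angola.local"
        set dstaddr "Remote-156-net"
        set action accept
        set schedule "always"
        set service "ANY"
    next
end
```

Restricting `service` to the protocols the remote site actually needs keeps the tunnel policy tighter than `ANY`; traffic initiated from the remote side needs a matching policy in the opposite direction.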