I would suggest you to please make sure on both the ends all the IPSec parameters should be same, and also capture the packets from the below commands and then try to initiate the tunnel from Checkpoint

diag debug reset

diag debug appl ike -1

diag debug enable

You can also refer the video's at www.video.fortinet.com

Regards,

Somu

ede_pfau

SuperUser

hi,

the private networks behind the tunnel ends need to be different from each other - a VPN (usually) connects 2 networks. I see that you might have subnets which are partly overlapping.

But in general, you need to give more information if you expect help. First, find out how to post pictures

Which are the networks (address and network masks), which version of FortiOS, what have you configured so far - VPN parameters, setup etc. IMHO it's far too early for debugging...

amitbdAuthor

New Member

Hi, here my details.

Forti Debug:

http://jpg.co.il/view/562ccb9b820e5.png/

Forti Interface:

http://jpg.co.il/view/562ccbad75e4f.png/

Static Route:

http://jpg.co.il/view/562ccbc208c0c.png/

Forti Policy:

http://jpg.co.il/view/562ccbd48eaa0.png/

Vpn:

http://jpg.co.il/view/562ccbe3b1524.png/

http://jpg.co.il/view/562ccbf8cf525.png/

http://jpg.co.il/view/562ccc0642726.png/

http://jpg.co.il/view/562ccc10347a3.png/

Site Up

[link]http://jpg.co.il/view/562ccc1be5b59.png/[/link]

CheckPoint Encrypt confgiuration:

[link]http://jpg.co.il/view/562ccb415c630.png/[/link]

amitbdAuthor

New Member

Where is the Quick Mode ?

ede_pfau

SuperUser

In phase2, "Advanced..." . Set the local network plus netmask, and the remote network (behind the tunnel, the remote LAN) as well. Make sure you have these settings on the CP side as well, and identical.