ufox
New Member
November 8, 2016
Question

VPN IPSec Fortigate behind router


Hi,

I have to configure an IPSec VPN on a Fortigate 70d to bring it up with a remote Forticlient installed on a PC. The Fortigate is behind an ISP router with a public IP that is doing NAT from the public network to the Fortigate, and the Fortigate is doing a second NAT to the site's LAN.

I had read in the forum that it is necessary to open UDP ports 500 and 4500 in the router. I have made a NAT in the ISP's router, mapping these ports on the public IP to the same ports on the Fortigate's WAN interface, but the VPN is not working.

Is any other change necessary to configure this VPN?

Thanks.

    1 reply

    Toshi_Esumi
    SuperUser
    November 8, 2016

    ESP (IP protocol 50) needs to be allowed to come through the NAT point as well. Do you see any packets arriving from the client at the 70C's port when you sniffed?

    hklb
    Visitor III
    November 8, 2016

    Hi,

    Did you activate NAT-T in the VPN configuration?

    ufox
    Author
    New Member
    November 9, 2016

    hklb wrote:

    Hi,

    Did you activate NAT-T in the VPN configuration?

    Hi,

    Yes, it is active.