Description |
This article describes how to handle a scenario where the IPsec Tunnel is up and traffic seems to be leaving FortiGate but is not reaching the remote end.
This article applies to all the possible scenarios mentioned below:
|
Scope | FortiGate. |
Solution |
Follow these steps:
diagnose vpn ike gateway list name <tunnel_name> diagnose vpn tunnel list name <tunnel_name>
config vpn ipsec phase1-interface edit "VPN-Phase1" set nattraversal forced end
Make sure NAT-Traversal is also enabled on the remote end on a Third-party device.
diagnose vpn tunnel flush <tunnel_name> diagnose vpn ike gateway flush name <tunnel_name>
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.