FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.



This article explains IPsec VPN offloading with AES-GCM encryption. For more information on Suite-B and other encryption algorithms supported by FortiOS, see Encryption Algorithms in the FortiOS Cookbook. For more information about FortiGate's CP9, CP9XLite and CP9Lite capabilities, see the user documentation.


For FortiGates with CP9, CP9XLite and CP9Lite ASIC.



Consider the following debug flow and session list:


Debug flow:

id=20085 trace_id=27 func=print_pkt_detail line=5644 msg="vd-root:0 received a packet (proto=1,> from mgmt. type=8, code=0, id=1, seq=26."
id=20085 trace_id=27 func=resolve_ip_tuple_fast line=5724 msg="Find an existing session, id-00015869, original direction"
id=20085 trace_id=27 func=npu_handle_session44 line=1164 msg="Trying to offloading session from mgmt to vpn-tunnel, skb.npu_flag=00000400 ses.state=00000204 ses.npu_state=0x03040000"
id=20085 trace_id=27 func=fw_forward_dirty_handler line=399 msg="state=00000204, state2=00000001, npu_state=03040000"
id=20085 trace_id=27 func=__ip_session_run_tuple line=3412 msg="SNAT>"
id=20085 trace_id=27 func=ipsecdev_hard_start_xmit line=788 msg="enter IPsec interface-vpn-tunnel"
id=20085 trace_id=27 func=esp_output4 line=927 msg="IPsec encrypt/auth"
id=20085 trace_id=27 func=ipsec_output_finish line=618 msg="send to via intf-port2"


Session list:


session info: proto=1 proto_state=00 duration=24 expire=38 timeout=0 flags=00000000 sockflag=00000000 sockport=0 av_idx=0 use=4
class_id=0 ha_id=0 policy_dir=0 tunnel=vpn-tunnel/ vlan_cos=0/255
state=log may_dirty f00
statistic(bytes/packets/allow_err): org=240/4/1 reply=240/4/1 tuples=2
tx speed(Bps/kbps): 9/0 rx speed(Bps/kbps): 9/0
orgin->sink: org pre->post, reply pre->post dev=3->52/52->3 gwy=
hook=post dir=org act=snat>
hook=pre dir=reply act=dnat>
misc=0 policy_id=3 auth_info=0 chk_client_info=0 vd=0
serial=00015869 tos=ff/ff app_list=0 app=0 url_cat=0
vwl_mbr_seq=0 vwl_service_id=0
rpdb_link_id=00000000 ngfwid=n/a
dd_type=0 dd_mode=0
no_ofld_reason:  non-npu-intf
total session 1



According to the debug flow, the FortiGate is trying to offload the IPsec VPN traffic.
In the session list, it is possible to see that the NPU ASIC is not capable of handling the encryption in use.
The tunnel list also shows 'npu_flag=20'. IPsec SA cannot be offloaded to NPU because either the cipher or the HMAC is not supported by NPU.
Because AES-GCM encryption is handled only by the CP9 ASIC processor, it's possible to check the CP9 stats and see that the packets are offloaded correctly, both for encryption and decryption:


Upon selecting AES-GCM on the FortiGate VPN settings, the authentication field will become unavailable. This is because AES-GCM provides both authenticated encryption (confidentiality and authentication) and the ability to check the integrity and authentication of additional authenticated data.