Created on
01-07-2025
06:39 AM
Edited on
01-08-2025
08:30 AM
By
Stephen_G
Description | This article explains how to fix an IPsec tunnel problem due to a malformed AUTH message between a Barracuda firewall and a FortiGate. |
Scope | IPsec, FortiGate, Barracuda firewall. |
Solution |
In the following IPsec site-to-site tunnel setup, FortiGate is the IKE initiator while Barracuda firewall is the responder.
IPSec tunnel Name: CRR-T2. IKE version: IKEv2. Take debugs on the FortiGate firewall using the following commands:
di vpn ike log-filter clear di vpn ike log-filter name <Phase1 name> diag debug app ike -1
Note: Starting from v7.4.1, the 'di vpn ike log-filter' command has been changed to 'di vpn ike log filter'.
7EB1FB50C80A427A360B04BAAB6C5C AD125DD4548D047A38FE4ABCB57B7FFCCCA2C660FF89C2373F82E9324A04655 Solution:
Change the following settings in the IPsec configuration in Barracuda.
|