Created on
01-07-2025
06:39 AM
Edited on
01-08-2025
08:30 AM
By
Stephen_G
Description | This article explains how to fix an IPsec tunnel problem due to a malformed AUTH message between a Barracuda firewall and a FortiGate. |
Scope | IPsec, FortiGate, Barracuda firewall. |
Solution |
In the following IPsec site-to-site tunnel setup, FortiGate is the IKE initiator while Barracuda firewall is the responder.
IPSec tunnel Name: CRR-T2. IKE version: IKEv2. Take debugs on the FortiGate firewall using the following commands:
di vpn ike log-filter clear di vpn ike log-filter name <Phase1 name> diag debug app ike -1
Note: Starting from v7.4.1, the 'di vpn ike log-filter' command has been changed to 'di vpn ike log filter'.
7EB1FB50C80A427A360B04BAAB6C5C AD125DD4548D047A38FE4ABCB57B7FFCCCA2C660FF89C2373F82E9324A04655 Solution:
Change the following settings in the IPsec configuration in Barracuda.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.