Description | This article describes how to address one possible failure scenario of P2 establishment on an S2S IPsec tunnel between FortiGate and Sonicwall. |
Scope | FortiGate. |
Solution |
If P2 fails to establish for a site-to-site IPsec tunnel between FortiGate and Sonicwall, it may show the following error in the IKE debug or VPN event logs:
INVALID-ID-INFORMATION
If this occurs, check the phase 2 source and destination networks to ensure they match on both sides. Ensuring they match will fix the issue. The IKE debug should show P2 retransmissions with the previously mentioned error code when the issue happens:
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.