Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
vusal_d
New Contributor

shrew soft vpn client won’t connect to remote site

Hello everyone  I stuck resolving one issue for our user. She uses shrew vpn client to connect to vpn. It is not like l2tp/ipsec connection with username password and psk. Actually I can connect to vpn eve with l2tp/ipsec. But she uses something like vpn site-to-site connection. I noticed in settings of vpn confid it has phase1 and phase2 selector and everything else what required to setup site-to-site connection

so  whenever she clicks connect this soft stucks at “bringing up tunnel” . It may stay bringing up tunnel state many hours with no error . 

i cant see any error in fortigate logs (attaced). Remote site admin told that everyone can connect so somethin preventing her connection. ..maybe my firewall.

 

config loaded for site 'xx.xxx.xx.xxx.vpn.vpn'
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
remote id configured
server cert configured
client cert configured
client key configured
bringing up tunnel ...

 

This is my rule config

config firewall policy
    edit 20
        set name "Allow VPN Connection"
        set uuid 1d502eac-2a52-51e9-9c5c-9403aa57bb56
        set srcintf "port10"
        set dstintf "port9"
        set srcaddr "all"
        set dstaddr "Allowed VPN servers"
        set action accept
        set schedule "always"
        set service "vpn-tunneling"
        set logtraffic all
        set logtraffic-start enable
        set capture-packet enable
        set fsso disable
        set nat enable
    next
end

 

the host is windows 8 pc

1 REPLY 1
vusal_d
New Contributor

Seems it is not fortigate issue. 

Thanks for viewing question :)

Labels
Top Kudoed Authors