Hello,
I hope you can help me. Recently I was asked to configure another IPsec connection for remote users, with different policies. So I did it and everything worked properly, but I had not noticed that, when I created the second IPsec connection, the first one stopped working: users cannot connect to that VPN connection, but the second works perfectly. Once I deleted this second VPN connection, the first one works again. Is this even possible, to have 2 different IPsec connections through the same internet interface and IP address? Did I miss something in the configuration?
We have a Fortigate 60D with v5.2.7,build718 (GA) OS. I know it is an old one.
Thank you for your comments.
Regards
This should work as long as you tighten up the phase 2 selectors. If you have them open to 0.0.0.0, the firewall may have a hard time discerning which one to drive traffic through. I do this all day as do most folks here so I know it works.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Thank you for your comment. I am not sure how to configure that. This is what I have since I used the VPN wizard, and I think it is exactly what you mentioned.
Where it says local and remote subnets, change them to the actual subnets, not leaving them at the wildcard. For example 192.068.1.0/255.255.255.0 instead of all zeros. Do this on both ends of the tunnel.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
If you're trying to set up two dialup/remote access VPNs for two different groups, you need to use "Peer ID/Local ID", discussed below:
https://forum.fortinet.com/tm.aspx?tree=true&m=184280&mpage=1
In the discussion, ShawnZA is referring to the KB below:
https://kb.fortinet.com/kb/documentLink.do?externalID=10114
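The check below is an added example, not part of any post in this thread and not Fortinet code. It scans a `config vpn ipsec phase1-interface` section for dial-up tunnels that share an interface without distinct peer IDs, the situation the last reply describes. The sample config is constructed, the function names are hypothetical, and the script assumes the FortiOS CLI keys `type`, `interface`, `peertype` and `peerid`.

```python
import re

# Constructed sample config (not from the thread): two dial-up tunnels on wan1.
SAMPLE = """
config vpn ipsec phase1-interface
    edit "vpn-staff"
        set type dynamic
        set interface "wan1"
        set peertype one
        set peerid "staff"
    next
    edit "vpn-vendors"
        set type dynamic
        set interface "wan1"
    next
end
"""

def parse_phase1(text):
    """Return {tunnel name: {setting: value}} for each 'edit' entry."""
    tunnels, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.match(r'edit\s+"?([^"]+)"?$', line)
        if m:
            current = tunnels.setdefault(m.group(1), {})
        elif line == "next":
            current = None
        elif current is not None and line.startswith("set "):
            _, key, *value = line.split(None, 2)
            current[key] = value[0].strip('"') if value else ""
    return tunnels

def ambiguous_dialup(text):
    """Return sorted (tunnel, reason) pairs for dial-up tunnels on a shared interface."""
    by_iface = {}
    for name, cfg in parse_phase1(text).items():
        if cfg.get("type") == "dynamic":  # dial-up (remote access) tunnel
            peer = cfg.get("peerid") if cfg.get("peertype") == "one" else None
            by_iface.setdefault(cfg.get("interface"), []).append((name, peer))
    findings = []
    for entries in by_iface.values():
        peers = [p for _, p in entries]
        for name, peer in entries:
            if len(entries) > 1 and peer is None:
                findings.append((name, "no peer ID"))
            elif peer is not None and peers.count(peer) > 1:
                findings.append((name, "duplicate peer ID " + peer))
    return sorted(findings)
```

Run it against the phase 1 section of a configuration backup; an empty result means every dial-up tunnel on a shared interface has its own peer ID.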