Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
adrianit
New Contributor

Anomaly IP Sec negotiate Status negotiate

 
 

Dear Team Fortinet Comunity 

 

I have issue this VPN IP Sec anomaly error status negotiate and failure and this issue looping errot stat ,

 

do you have any suggestion for the resolve this issue or manual to fix this problemphase1.JPGphase2.JPGAnomaly.JPGanomaly2.JPG

Thank you for support and cooperation 

 

1 REPLY 1
atakannatak
Contributor II

Hi @adrianit ,

 

The logs show the tunnel fails to establish with the message “Peer SA proposal does not match local policy.” For more details, refer to the link below.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-IPsec-does-not-match-local-policy/ta-p/215...

 

To pinpoint the configuration error, we need application-level debug logs. Run these commands:

 

diagnose vpn ike log-filter dst-addr4 (X.X.X.X) <----- IP address of the remote peer.
diagnose debug application ike -1
diagnose debug enable


BR.

 

If my answer provided a solution for you, please mark the reply as solved it so that others can get it easily while searching for similar scenarios.

 

CCIE #68781

Atakan Atak
Atakan Atak
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors