Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
dear friend ,
check for you policy may be their is loop hole . check you connected networks and check you routes.
Hello,
Everything seems correct, an example:
Message meets Alert condition
date=2017-07-05 time=02:24:27 devname=Fortinet devid=FGT60Dxxxxxxxxxx logid="0101037128" type="event" subtype="vpn" level="error" vd="root" logdesc="Progress IPsec phase 1" msg="progress IPsec phase 1" action="negotiate" remip=216.218.206.70 locip=xx.xx.xx.xx remport=61032 locport=500 outintf="wan1" cookies="3e35c70729dfedef/0000000000000000" user="N/A" group="N/A" xauthuser="N/A" xauthgroup="N/A" assignip=N/A vpntunnel="N/A" status="failure" init="remote" mode="main" dir="inbound" stage=1 role="responder" result="ERROR"
So I would like to block these external IP addresses, how do I?
Thanks
dear friend ,
some one is trying to use vpn of your system ,do you have any vpn setup in you firewall just check it .
if no one is using it remove the policy of vpn and remove vpn setup .
if you can share the screen shot of your firewall policy . that will be better for me to understand .
because from the log i can see that some is trying to do vpn and i got some bad traffic from you side
Created on 07-05-2017 08:10 AM
I have seen that error when a tunnel is broken down on the remote side but the Fortigate config has not been removed. The FGT is still trying to establish the tunnel but the remote side is giving no joy. You would not see VPN/Tunnel messages if the FGT wasn't ready to accept. You would see traffic hitting the firewall from the remote side, not tunnel building.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1633 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.