
Can't select WAN interface for use with Windows Native VPN client in IPsec Wizard

FortiGate VM with a /28 IP block set up on the WAN interface, with the first IP in the block as the interface IP and all other IPs set as secondary IPs. I have a couple of S2S IPsec VPN tunnels established to this FortiGate, terminating at the WAN interface IP.

I want to now add in Windows Native VPN (L2TP over IPsec), but the wizard won't let me select the WAN interface.

Is this a general limitation and I won't be able to do it this way, or is it just a wizard limitation and I could set it up manually via CLI? I used to have a few different dialup peers (for remote FortiGates on dynamic IP or behind NAT) tied to the same WAN interface IP, and I would set those up in CLI and use aggressive mode with unique peerid/localid, but I don't know how that might translate when using the Windows Native client, as there wouldn't be unique IDs I would set on each Windows machine.

Wondering what options I have beyond splitting up the WAN interface into multiple WAN interfaces using VLSM. This burns usable IPs, so I would prefer to avoid this route. vshare



You may consider trying to create the tunnel in the CLI during a maintenance window. Normally, due to a limitation, the interface is just not available in the GUI. However, when trying to configure the interface via the CLI, an error message with the reason will be returned.
