On a FortiWiFi 90D, we changed our ISP and now we can't get out IPSec VPN with our phone vendor back up. Nothing else has changed.
We changed:
[ol]I can't think of anything else that would need to change, however, we keep getting the following error in the Event Log:
Log Description: IPsec phase 1 error
Message: IPsec phase 1
Outgoing Interface: wan2 Peer Notification: INVALID-ID-INFORMATION
Reason: peer notification Status: negotiate_error
I've taken over this router (used to SonicWalls), so if you need more info for anything from CLI, please let me know.
Any ideas????
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Try and put the old LocalID back in. The other side is expecting that ID and wont take the new one unless the other side is reconfigured. Was anything at the phone vendor reconfigured, Usually with an ISP change you need to reconfigure all remote sides of a tunnel unless its only using the localID for verificaiton.
Did you also change the peer IP on the remote unit? It needs to know where the other end has moved to.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
I'm sorry. I neglected to mention that the phone vendor updated their side to match our new IP settings as well.
They have an Adtran and have the Peer Address matching our WAN IP and their RemoteID set as "IP Address" and matching our WAN IP address as well.
I'm just at a loss on what else to try. I will say, no matter what I put in the Phase 1 - Local ID field... I get the same error.
Attached is their side of the VPN.
Have you tried downing both sides of the tunnel and bringing them back up? I would need to see more of the P1 and P2 settings to add any more here.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1678 | |
1085 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.