I have a FortiGate configured with 3 VDOMs: 1 is a transparent internet VDOM, and 2 are customer VDOMs.
Both have a VPN set up, almost identically; one works, the other doesn't.
On the one that works, you can happily see the IKE packets both ways on the analyzer, as you would expect (allow rule for IKE on the internet VDOM).
On the one that fails (Phase 1 and 2 are up), the analyzer is blocking ESP packets? Why on earth would it see the payload on this particular VPN? What has stripped off the IKE header? Both sides match, but I think the other side does not have NAT-T enabled. Would this cause the issue? I would like to know. Thank you.