Has anyone successfully created an IPSec VPN tunnel between a FG on a Sierra Wireless XR80/90?
I've created a tunnel, routes, and policies successfully, but can't get communication across the tunnel.
Tried Sierra Wireless's documentation too, with no success.
https://source.sierrawireless.com/airlinkos/XR80-4.1/reference/networking/howto/vpn/
Like I said, the tunnel is up, but can NOT get traffic to flow across.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Might have been related to the cellular service plan we had the XR80 on. Switched it over to their Fixed Wireless plan and then it worked. Made no other changes to the FG.
Can you initiate a ping from a PC behind Fortigate to a PC behind Sierra and get a debug?
You must make sure that the packet enters the VPN.
for example:
Let the PC behind FGT be: 192.168.1.100
PC running Sierra: Let it be 192.168.3.200
dia debug flow filter addr 192.168.3.200
dia debug flow trace start 100
dia debug en
When you start a ping to 192.168.3.200, the debug logs that appear on the screen may contain messages that will help you understand the problem.
Might have been related to the cellular service plan we had the XR80 on. Switched it over to their Fixed Wireless plan and then it worked. Made no other changes to the FG.
Hi @JP57,
Is the tunnel up when using cellular service? You can try to switch back and run debug flow commands on FortiGate to see if traffic flowing through the tunnel:
diag debug reset
diag debug flow filter addr X.X.X.X (source IP)
diag debug flow filter proto 1
diag debug flow show ip en
diag debug flow show func en
diag debug console time ena
diag debug ena
diag debug flow trace start 999
Regards,
Minh
Dear JP57,
Please check if the traffic is hitting to the correct policy and route is present on firewall to point the interesting traffic to flow across correct IPsec tunnel.
Regards,
Parteek
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.