Hello,
Okay, I am burning my head on this for the past few days
I have created an ipsec forticlient vpn on a fortigate 70d and is not able to connect. Error on windows pc goes like this
VPN Connection Failed. Please check your configuration, network conenction and pre-shared key, then retry your connection......
Forticlient log goes like this
3/24/2015 11:37:18 AM Notice VPN id=96566 msg="negotiation information, loc_ip=xxx.xxx.xxx.xxx loc_port=500 rem_ip=xx.xx.xx.xx rem_port=500 out_if=0 vpn_tunnel=New nav action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent xx.xx.xx.xx aggressive mode message #1 (OK)" vpntunnel="New nav" vpntype=ipsec
3/24/2015 11:37:18 AM Error VPN id=96567 msg="negotiation error, loc_ip=xxx.xxx.xxx.xxx loc_port=4500 rem_ip=xx.xx.xx.xx rem_port=4500 out_if=0 vpn_tunnel=New nav status=negotiate_error init=local mode=xauth_clinet stage=1 dir=inbound status=failureInitiator: parsed xx.xx.xx.xx aggressive mode message #1 " vpntunnel="New nav" vpntype=ipsec
3/24/2015 11:37:30 AM Warning VPN id=96561 msg="locip=xxx.xxx.xxx.xxx locport=4500 remip=xx.xx.xx.xx remport=4500 outif=0 vpntunnel=New nav status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel="New nav" vpntype=ipsec
In Mac it goes like this,
Preshared key is incorrect
I know the preshared key is correct.This connection was working until 2 weeks back. Dont know what went wrong.
The fortigate log says " Action : negotiate Status: failureprogress Message: IPsec phase 1
Any help would be much appreciated.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
hi,
looking into the vpn event logs, it seems like negotations errors this would mainly happen due to mis-configuration.
-you can debug the ike (isakmp packets) from fgt
diag debug rest
diag debug console timestamp enable
diag vpn ike log-filter dst-addr4 <client_public_ip>
diag debug app ike -1
-vpn configuration.
You may follow the videos:
http://docs.fortinet.com/d/fortigate-video-ipsec-vpn
thanks,
rewanta
Hi renjithmusafir - did you manage to resolve this issue? I'm having the same problem and have spent a couple of hours trying to solve it but without success.
many thanks,
Regards,
Igor
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1570 | |
1034 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.