Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fabs
New Contributor III

Created on ‎12-10-2024 04:17 AM

Fortigate 7.6.1 - FortiClientVPN - IPsec SAML - Windows 11 24H2- no incoming traffic

Hello all,

 

I have a problem with IPsec SAML under Windows 11 24H2 with FortiClientVPN 7.4.1.1736 free version.

The connection is established, but I don't see any bytes for incoming traffic. Therefore the routing in the internal VLAN does not work, also the routing to the outside does not work.

 

The same tunnel works perfectly with the FortiClientVPN 7.4.2.0151 and the same SAML user on the iOS iPhone 15 Pro. Except for the fact that I have to exclude the SAML application from my Microsoft CA compliant device policy.

 

Here is the debug of the VPN connection.

 

100f_serverroom # diag debug reset

100f_serverroom # diag debug console timestamp en

100f_serverroom # diag vpn ike log filter name "XXXXXX IPsec"

100f_serverroom # diag debug application ike -1
Debug messages will be on for 30 minutes.

100f_serverroom # diag debug enable

100f_serverroom # 2024-12-10 11:36:43.276210 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-10 11:36:43.276339 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=c87c0c2ee891eeb5/0d86f6dc7c1926d8:0000006a len=76
2024-12-10 11:36:43.276379 ike 0: in C87C0C2EE891EEB50D86F6DC7C1926D82E2025080000006A0000004C0000003056374A2DDDD0DF45A3569507C0D2E64885DE998FE60CB2D93C46C6C3A9C25B2CE030E6178C6D973FBFF62D0D
2024-12-10 11:36:43.937654 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=409....
2024-12-10 11:36:43.937774 ike V=root:0: IKEv2 exchange=SA_INIT id=c1ed4e56aa50b2a2/0000000000000000 len=409
2024-12-10 11:36:43.937815 ike 0: in C1ED4E56AA50B2A200000000000000002120220800000000000001992200005C0200002C010100040300000C0100000C800E00800300000802000002030000080300000200000008040000050000002C020100040300000C0100000C80
0E01000300000802000005030000080300000C0000000804000005280000C8000500008FBE37D4CF842225961FDA0C28729E494DEE8841D11AE50B174F9C1EB763C16476DA03F93B71C82699DCC79538762E982979F1531DF0E85D02C4175ACBF6DEF6EAE7FB17989593978E93D680A
531B2FDBEC26ABBEB7CC73A324E23D90DD7510B26968DE3E7C864F70A1DDA91D8B2DD8247C942A0F23FEBA71B7A0C0FE7490EDCE9208AC40D0E070F0E0F9A9170EC6F96C69F6973EDA7137E50F9728CE211D562F10BF80E4880F0FB6C54DAE77AFDD56D5D2A0763D5AD891E29D42E30
390747CE2B000014E92174163E6DBFA060F92C7CA850D8C22B0000144C53427B6D465D1B337BB755A37A7FEF2B000014B4F01CA951E9DA8D0BAFBBD34AD3044E29000014C1DC4350476B98A429B91781914CA43E000000090000F05000
2024-12-10 11:36:43.937922 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: responder received SA_INIT msg
2024-12-10 11:36:43.937970 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
2024-12-10 11:36:43.938015 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
2024-12-10 11:36:43.938060 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: VID Forticlient EAP Extension C1DC4350476B98A429B91781914CA43E
2024-12-10 11:36:43.938106 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: received notify type VPN_NETWORK_ID
2024-12-10 11:36:43.938149 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: NETWORK ID : 0
2024-12-10 11:36:43.938203 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: incoming proposal:
2024-12-10 11:36:43.938246 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: proposal id = 1:
2024-12-10 11:36:43.938279 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:   protocol = IKEv2:
2024-12-10 11:36:43.938312 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:      encapsulation = IKEv2/none
2024-12-10 11:36:43.938347 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=ENCR, val=AES_CBC (key_len = 128)
2024-12-10 11:36:43.938381 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=INTEGR, val=AUTH_HMAC_SHA_96
2024-12-10 11:36:43.938415 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=PRF, val=PRF_HMAC_SHA
2024-12-10 11:36:43.938450 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=DH_GROUP, val=MODP1536.
2024-12-10 11:36:43.938492 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: proposal id = 2:
2024-12-10 11:36:43.938525 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:   protocol = IKEv2:
2024-12-10 11:36:43.938558 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:      encapsulation = IKEv2/none
2024-12-10 11:36:43.938592 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=ENCR, val=AES_CBC (key_len = 256)
2024-12-10 11:36:43.938626 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=INTEGR, val=AUTH_HMAC_SHA2_256_128
2024-12-10 11:36:43.938660 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=PRF, val=PRF_HMAC_SHA2_256
2024-12-10 11:36:43.938693 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=DH_GROUP, val=MODP1536.
2024-12-10 11:36:43.938752 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: matched proposal id 2
2024-12-10 11:36:43.938795 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: proposal id = 2:
2024-12-10 11:36:43.938828 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:   protocol = IKEv2:
2024-12-10 11:36:43.938860 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:      encapsulation = IKEv2/none
2024-12-10 11:36:43.938894 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=ENCR, val=AES_CBC (key_len = 256)
2024-12-10 11:36:43.938928 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=INTEGR, val=AUTH_HMAC_SHA2_256_128
2024-12-10 11:36:43.938977 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=PRF, val=PRF_HMAC_SHA2_256
2024-12-10 11:36:43.939006 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459:         type=DH_GROUP, val=MODP1536.
2024-12-10 11:36:43.939036 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: lifetime=86400
2024-12-10 11:36:43.939074 ike V=root:0:c1ed4e56aa50b2a2/0000000000000000:459: SA proposal chosen, matched gateway XXXXXX IPsec
2024-12-10 11:36:43.939125 ike V=root:0:XXXXXX IPsec:XXXXXX IPsec: created connection: 0x5561e3d8c0 7 xx.xx.xx.xx->xxx.xx.xxx.xx:24037.
2024-12-10 11:36:43.939183 ike V=root:0:XXXXXX IPsec:459: FEC vendor ID received FEC but IP not set
2024-12-10 11:36:43.939214 ike 0:XXXXXX IPsec:459: FCT EAP 2FA extension vendor ID received
2024-12-10 11:36:43.939297 ike V=root:0:XXXXXX IPsec:459: responder preparing SA_INIT msg
2024-12-10 11:36:43.940519 ike V=root:0:XXXXXX IPsec:459: create NAT-D hash local xx.xx.xx.xx/500 remote xxx.xx.xxx.xx/24037
2024-12-10 11:36:43.940603 ike 0:XXXXXX IPsec:459: out C1ED4E56AA50B2A201D9466943A4A7D5212022200000000000000160220000300000002C020100040300000C0100000C800E01000300000802000005030000080300000C0000000804000005280000C800050000
F89CF402B946CB736B777E993E4D3A7DDC7D7E736E80DAF3A657EF5AE2B0C147EDFB6F42C60E403EEC1694898A55EE00B0A836A4DA57B318BEBAB5906F086807E9AA6FECB94671C76B8C038B4484960558719653B92870F369E9B82671249EAF2BE6DA20A3763D8DC146FDC0E5BBEBF
6C6836E88E4BAAD00BFEF0D8E4CA64F005DB8DC99D3A89144918B3231A0A40948899C31AA6C0442069F7A1B72E6EC6488B7B03B5CB030E2CAC54D4804BF6077EE13A7CC8E90DB4DE9F8902F9D6DABF1D6290000140C8BB31EE839FD9E4273A92E4FF965BD2900001C000040046D22C9
D3A8393140025B1151BAF155CCD1A09E330000001C0000400516FADCD3BCD1E0A647D03A0A1986FDD577E4660D
2024-12-10 11:36:43.940727 ike V=root:0:XXXXXX IPsec:459: sent IKE msg (SA_INIT_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=352, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5, oif=7
2024-12-10 11:36:43.940887 ike 0:XXXXXX IPsec:459: IKE SA c1ed4e56aa50b2a2/01d9466943a4a7d5 SK_ei 32:14777F25B97BCCD196D4A8D72E8F9E296C75B36695B8C164E484474BD5F4A991
2024-12-10 11:36:43.940929 ike 0:XXXXXX IPsec:459: IKE SA c1ed4e56aa50b2a2/01d9466943a4a7d5 SK_er 32:8F9481682381EDFCBCA8FA47E5C64F34E21FE5D3252F80D3589DBCA7C6983E58
2024-12-10 11:36:43.940967 ike 0:XXXXXX IPsec:459: IKE SA c1ed4e56aa50b2a2/01d9466943a4a7d5 SK_ai 32:E15AA0346C100039BD4BEC20C4D8858525D0877C6A8B64413E3578D88A3580C9
2024-12-10 11:36:43.941018 ike 0:XXXXXX IPsec:459: IKE SA c1ed4e56aa50b2a2/01d9466943a4a7d5 SK_ar 32:AAA13474C3C9C96A3366546F59EABBF8A2BC0D445F7A0E0FCED9B01FEEB36CAA
2024-12-10 11:36:43.987008 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=640....
2024-12-10 11:36:43.987099 ike V=root:0: IKEv2 exchange=AUTH id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000001 len=640
2024-12-10 11:36:43.987143 ike 0: in C1ED4E56AA50B2A201D9466943A4A7D52E202308000000010000028023000264C3AE9BD8096F81A0A63B00C0BD7300E6AC0F4120BD343FCE922A704B5245DC504E20A78323A5AAF1EE4327EC7DF686CC38DD79ADC6A7C84ABDACADF3D9
8A4729B5C78118722651F79E301756A1D228DE939D1E7D2DF31663FE03E74954DEB041A0B2A505AD35EF38B8F68C0C57F6F661B5CE1F389F5994331F7CC0E008CA51B61AE9989257D2CC0116E310A9C39670754B3422A3FE62A01A02CD516692F065B91D39F414548DE304BBD5C47FF
8B46B0E5EDB919B53869651F6C1530D9D1319E5C884B2E0530476B75FEE8B4F38B87618EDA9E1309C66C4DCE3C9C682871F9D9D2A344BCA5C175725EA4DB18E3E3905D488B1C3CCAF166BBB215E41148483F8DC341C22DE91F9104BF06C1E145DC3D1B54E3F071A94BC7A1B9D77482B
A907B8B380FDB5F9D0ADE046736106BB2A334FA830519961FFF50F8E454E8D0E0561FCEBF1568CCF6FA24030F33C6523B5286054B7FC0A60A19C536A9A9FF284EF6727ED23B1BD5E267745A27C6BAD05E7400205F2E0A395A765A296356C15BB20DAD2A432AF2E2A0EDBEAFD6B62676
ECAD45777D8D0F87A50C2C021A0A2C288C642669F1896B81D7A779EEEFE59C7F7FC2326395DDFB56132E47F61D25DF631D60DD479779FCC81B32BCF0E317F6E37624E3794AC4BFF3C1AEA91DFD4A36220C0435D742E8E21A2018808EC80271F32AF5493FA142A97D81EFC19A51C6F37
D8C3CF7F92A03464576470471C208FD58EBF43D256F9531639EACE1DC0687DA25AC5B099E0BA4C48A409EB6654E439076457F394A30994C2D8A08E52AF22DA63455F78903636CA3D997C8D36EB894568CA45CC4DF4083AA11182C9097030DFC2810076AAF8
2024-12-10 11:36:43.987316 ike 0:XXXXXX IPsec:459: dec C1ED4E56AA50B2A201D9466943A4A7D52E2023080000000100000251230000042900000C01000000C0A8344629000008000040002F00013D0000F1005645523D310A4643545645523D372E342E312E313733360A
5549443D36413243394145443231354334443246383230383437413744453339364246320A49503D3139322E3136382E35322E37300A4D41433D63382D62322D39622D38382D36372D34363B63382D62322D39622D38382D36372D34323B63382D62322D39622D38382D36372D34333
B63612D62322D39622D38382D36372D34323B38342D62352D39332D35392D34372D34303B0A484F53543D5654452D50432D3035340A555345523D36413243394145443231354334443246383230383437413744453339364246320A4F535645523D4D6963726F736F66742057696E64
6F777320313120456E74657270726973652045646974696F6E2C2036342D62697420286275696C64203232363331290A5245475F5354415455533D300A002100005C01000000000700104643543830303237393039383339353100010000000200000003000000040000000D0000001
9000000080000000F0000000A0000000B000070010000540A0000540B00007000000070060000001900002C0000540200002801030403BD2BD0950300000C0100000C800E0080030000080300000200000008050000000000002802030403BD2BD0950300000C0100000C800E010003
0000080300000C00000008050000002D00001801000000070000100000FFFF00000000FFFFFFFF0000001801000000070000100000FFFF00000000FFFFFFFF
2024-12-10 11:36:43.987398 ike V=root:0:XXXXXX IPsec:459: responder received AUTH msg
2024-12-10 11:36:43.987433 ike V=root:0:XXXXXX IPsec:459: processing notify type INITIAL_CONTACT
2024-12-10 11:36:43.987504 ike V=root:0:XXXXXX IPsec:459: processing notify type FORTICLIENT_CONNECT
2024-12-10 11:36:43.987556 ike V=root:0:XXXXXX IPsec:459: received FCT data len = 309, data = 'VER=1
FCTVER=7.4.1.1736
UID=6A2C9AED215C4D2F820847A7DE396BF2
IP=192.168.52.70
MAC=c8-b2-9b-88-67-46;c8-b2-9b-88-67-42;c8-b2-9b-88-67-43;ca-b2-9b-88-67-42;84-b5-93-59-47-40;
HOST=VTE-PC-054
USER=6A2C9AED215C4D2F820847A7DE396BF2
OSVER=Microsoft Windows 11 Enterprise Edition, 64-bit (build 22631)
REG_STATUS=0
'
2024-12-10 11:36:43.987648 ike V=root:0:XXXXXX IPsec:459: received FCT-UID : 6A2C9AED215C4D2F820847A7DE396BF2
2024-12-10 11:36:43.987680 ike V=root:0:XXXXXX IPsec:459: received EMS SN :
2024-12-10 11:36:43.987711 ike V=root:0:XXXXXX IPsec:459: received EMS tenant ID :
2024-12-10 11:36:43.987745 ike V=root:0:XXXXXX IPsec:459: peer identifier IPV4_ADDR 192.168.52.70
2024-12-10 11:36:43.987778 ike V=root:0:XXXXXX IPsec:459: re-validate gw ID
2024-12-10 11:36:43.987823 ike V=root:0:XXXXXX IPsec:459: gw validation OK
2024-12-10 11:36:43.987859 ike V=root:0:XXXXXX IPsec:459: responder preparing EAP identity request
2024-12-10 11:36:43.988068 ike 0:XXXXXX IPsec:459: enc 2700000C01000000515A25623000002802000000157F6FB30F6E06277550958D4B2E3FDB3376601E4C0411631298B1F3320611E1000000090102000501020102
2024-12-10 11:36:43.988151 ike 0:XXXXXX IPsec:459: out C1ED4E56AA50B2A201D9466943A4A7D52E2023200000000100000080240000644427FEEDDB2F793D8C30BE54FFB9B5D9DF4EF73111D7245E5959C0A72A6E2B2C7AED7BA56F388E4851CEE7D529D0683451722323
A63A2F8F6A36D0F64C29BEEE6F83CE60730DE7276AA1E9B3072D3B70C333E259A9A70111FC9D6D538D3A8175
2024-12-10 11:36:43.988258 ike V=root:0:XXXXXX IPsec:459: sent IKE msg (AUTH_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=128, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000001, oif=7
2024-12-10 11:36:44.026827 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=112....
2024-12-10 11:36:44.026935 ike V=root:0: IKEv2 exchange=AUTH id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000002 len=112
2024-12-10 11:36:44.026968 ike 0: in C1ED4E56AA50B2A201D9466943A4A7D52E202308000000020000007030000054D200243699A799962ED3823B560AE84E8AFE187C3CE53CDACCBC820196674897A38B19BACFFD7D0B890695810321522877234C407D61F125E197234FFB
7B2BC1813EC31F8424C82731D5EA4AD7BDDE7B
2024-12-10 11:36:44.027094 ike 0:XXXXXX IPsec:459: dec C1ED4E56AA50B2A201D9466943A4A7D52E2023080000000200000049300000040000002902020025013641324339414544323135433444324638323038343741374445333936424632
2024-12-10 11:36:44.027133 ike V=root:0:XXXXXX IPsec:459: responder received EAP msg
2024-12-10 11:36:44.027166 ike V=root:0:XXXXXX IPsec:459: send EAP message to FNBAM
2024-12-10 11:36:44.027196 ike V=root:0:XXXXXX IPsec:459: initiating EAP authentication
2024-12-10 11:36:44.027228 ike V=root:0:XXXXXX IPsec: EAP user "6A2C9AED215C4D2F820847A7DE396BF2"
2024-12-10 11:36:44.027258 ike V=root:0:XXXXXX IPsec: auth group AAD-IPSEC-VPN-USERS
2024-12-10 11:36:44.027360 ike V=root:0:XXXXXX IPsec: EAP 1400352022681 pending
2024-12-10 11:36:44.029211 ike V=root:0:XXXXXX IPsec:459 EAP 1400352022681 result FNBAM_CHALLENGED
2024-12-10 11:36:44.029303 ike V=root:0:XXXXXX IPsec: EAP challenged for user "6A2C9AED215C4D2F820847A7DE396BF2"
2024-12-10 11:36:44.029341 ike V=root:0:XXXXXX IPsec:459: responder preparing EAP pass through message
2024-12-10 11:36:44.029391 ike 0:XXXXXX IPsec:459: enc 00000025010300211A0103001C1059E129E2DEC4AA3D51231456D3DD52FE686F73746170640A0908070605040302010A
2024-12-10 11:36:44.029496 ike 0:XXXXXX IPsec:459: out C1ED4E56AA50B2A201D9466943A4A7D52E202320000000020000007030000054FF8CB3A079CD03D36CA2C385BAAE4229FAE1AD2E9E8F56D1DD0D870D965303C77AE6E79B9E8512DCABF92E99CC0FF6CDE42E6404
E36438341DB78756AADC4516702EADC8B6AD80A505563ADA88F47109
2024-12-10 11:36:44.029583 ike V=root:0:XXXXXX IPsec:459: sent IKE msg (AUTH_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=112, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000002, oif=7
2024-12-10 11:36:44.062767 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=160....
2024-12-10 11:36:44.062862 ike V=root:0: IKEv2 exchange=AUTH id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000003 len=160
2024-12-10 11:36:44.062895 ike 0: in C1ED4E56AA50B2A201D9466943A4A7D52E20230800000003000000A030000084F86F972C0F7C62544EEDB3F7EC761DC75F932B3082956390C8788BE9D0784029B62098536056B59695EB0D3AC153B19F3864783E451C6E8D1C794ED041
94CEBC1EF430F0C11183D18DE611351877DB91910C09E6066B0832DE64179E360B92F05CA03B8E507A5C1FFF8AC629305936494AEDA78EAC247340AAADA5918884EDC8
2024-12-10 11:36:44.063025 ike 0:XXXXXX IPsec:459: dec C1ED4E56AA50B2A201D9466943A4A7D52E202308000000030000007F300000040000005F0203005B1A020300563152D9759362B69158DCA80FD2F5BA98BA00000000000000005A1792A3EF80FFF8D7C1BAD28DEE
65E0EC85DB21AA42310F003641324339414544323135433444324638323038343741374445333936424632
2024-12-10 11:36:44.063071 ike V=root:0:XXXXXX IPsec:459: responder received EAP msg
2024-12-10 11:36:44.063104 ike V=root:0:XXXXXX IPsec:459: send EAP message to FNBAM
2024-12-10 11:36:44.063152 ike V=root:0:XXXXXX IPsec: EAP 1400352022681 pending
2024-12-10 11:36:44.064626 ike V=root:0:XXXXXX IPsec:459 EAP 1400352022681 result FNBAM_CHALLENGED
2024-12-10 11:36:44.064703 ike V=root:0:XXXXXX IPsec: EAP challenged for user "6A2C9AED215C4D2F820847A7DE396BF2"
2024-12-10 11:36:44.064736 ike V=root:0:XXXXXX IPsec:459: responder preparing EAP pass through message
2024-12-10 11:36:44.064790 ike 0:XXXXXX IPsec:459: enc 0000003C010400381A03030033533D46353631464346453039434630413332394236373744424134314233344541363431304339313634204D3D4F4B03020103
2024-12-10 11:36:44.064891 ike 0:XXXXXX IPsec:459: out C1ED4E56AA50B2A201D9466943A4A7D52E202320000000030000008030000064BD39787E3232D09BF681DDBB0121DCDA1F0CB6CF705619F1D489D3592DDD9ABF92CD89D0E0E189920A050348BD100B4EE48DEBAF
8484BBFADBAA596527C83A89CA68354F316A60CFD760EFDF812342BE104C3FEDC65BEF237592AFEF1FA5C22D
2024-12-10 11:36:44.064979 ike V=root:0:XXXXXX IPsec:459: sent IKE msg (AUTH_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=128, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000003, oif=7
2024-12-10 11:36:44.092783 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=80....
2024-12-10 11:36:44.092878 ike V=root:0: IKEv2 exchange=AUTH id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000004 len=80
2024-12-10 11:36:44.092912 ike 0: in C1ED4E56AA50B2A201D9466943A4A7D52E202308000000040000005030000034ADD216DDBB4086C44A1A467EE8A9C64ED9AA4DA5CA5912945714A7EF5E4ED629D2AE4175DD9BA9F33779B5555A899C8C
2024-12-10 11:36:44.093028 ike 0:XXXXXX IPsec:459: dec C1ED4E56AA50B2A201D9466943A4A7D52E202308000000040000002A300000040000000A020400061A03
2024-12-10 11:36:44.093067 ike V=root:0:XXXXXX IPsec:459: responder received EAP msg
2024-12-10 11:36:44.093100 ike V=root:0:XXXXXX IPsec:459: send EAP message to FNBAM
2024-12-10 11:36:44.093149 ike V=root:0:XXXXXX IPsec: EAP 1400352022681 pending
2024-12-10 11:36:44.094326 ike V=root:0:XXXXXX IPsec:459 EAP 1400352022681 result FNBAM_SUCCESS
2024-12-10 11:36:44.094393 ike V=root:0:XXXXXX IPsec: EAP succeeded for user "6A2C9AED215C4D2F820847A7DE396BF2" group "AAD-IPSEC-VPN-USERS" 2FA=no
2024-12-10 11:36:44.094486 ike V=root:0:XXXXXX IPsec:459: responder preparing EAP pass through message
2024-12-10 11:36:44.094539 ike 0:XXXXXX IPsec:459: enc 00000008030400040706050403020107
2024-12-10 11:36:44.094636 ike 0:XXXXXX IPsec:459: out C1ED4E56AA50B2A201D9466943A4A7D52E202320000000040000005030000034AAF62162C7EB0C23E18EBD27EDDE598A0E51A8FD86A770C706D83B1DAB1A4F54AABC8CA3622235139AE847F99FC15C61
2024-12-10 11:36:44.094714 ike V=root:0:XXXXXX IPsec:459: sent IKE msg (AUTH_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=80, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000004, oif=7
2024-12-10 11:36:44.138755 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=112....
2024-12-10 11:36:44.138852 ike V=root:0: IKEv2 exchange=AUTH id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000005 len=112
2024-12-10 11:36:44.138886 ike 0: in C1ED4E56AA50B2A201D9466943A4A7D52E202308000000050000007027000054E510561CE9885ABBE8559FB553C9D3CB8C92858F0BB84710B21E965F3BF9BEFE0328DF720673AA1D6C0FC744BB1BDE2BDB1F57281F433B31CE78801504
AE10FF87405347CD20A1142B9476146BF26057
2024-12-10 11:36:44.139013 ike 0:XXXXXX IPsec:459: dec C1ED4E56AA50B2A201D9466943A4A7D52E202308000000050000004827000004000000280200000030DC53D60B6BF9245C88FF5989175A418F7B9F64D6CD8B0FD39E60156E5B5146
2024-12-10 11:36:44.139051 ike V=root:0:XXXXXX IPsec:459: responder received AUTH msg
2024-12-10 11:36:44.139136 ike V=root:0:XXXXXX IPsec:459: auth verify done
2024-12-10 11:36:44.139168 ike V=root:0:XXXXXX IPsec:459: responder AUTH continuation
2024-12-10 11:36:44.139198 ike V=root:0:XXXXXX IPsec:459: authentication succeeded
2024-12-10 11:36:44.139269 ike V=root:0:XXXXXX IPsec:459: responder creating new child
2024-12-10 11:36:44.139328 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 7 request 16:'46435438303032373930393833393531'
2024-12-10 11:36:44.139361 ike V=root:0:XXXXXX IPsec:459: mode-cfg received APPLICATION_VERSION 'FCT8002790983951'
2024-12-10 11:36:44.139392 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 1 request 0:''
2024-12-10 11:36:44.139427 ike V=root:0:XXXXXX IPsec: mode-cfg allocate 10.72.76.61/0.0.0.0
2024-12-10 11:36:44.139458 ike V=root:0:XXXXXX IPsec:459: mode-cfg using allocated IPv4 10.72.76.61
2024-12-10 11:36:44.139487 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 2 request 0:''
2024-12-10 11:36:44.139517 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 3 request 0:''
2024-12-10 11:36:44.139547 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 4 request 0:''
2024-12-10 11:36:44.139576 ike V=root:0:XXXXXX IPsec:459: mode-cfg WINS ignored, no WINS servers configured
2024-12-10 11:36:44.139605 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 13 request 0:''
2024-12-10 11:36:44.139633 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 25 request 0:''
2024-12-10 11:36:44.139662 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 8 request 0:''
2024-12-10 11:36:44.139691 ike V=root:0:XXXXXX IPsec: IPv6 pool is not configured
2024-12-10 11:36:44.139720 ike V=root:0:XXXXXX IPsec:459: mode-cfg could not allocate IPv6 address
2024-12-10 11:36:44.139749 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 15 request 0:''
2024-12-10 11:36:44.139778 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 10 request 0:''
2024-12-10 11:36:44.139807 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 11 request 0:''
2024-12-10 11:36:44.139836 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 11 not supported, ignoring
2024-12-10 11:36:44.139865 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 28673 request 0:''
2024-12-10 11:36:44.139895 ike V=root:0:XXXXXX IPsec:459: mode-cfg UNITY type 28673 requested
2024-12-10 11:36:44.139924 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 21514 request 0:''
2024-12-10 11:36:44.139953 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 21514 requested
2024-12-10 11:36:44.139981 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 21515 request 0:''
2024-12-10 11:36:44.140010 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 21515 requested
2024-12-10 11:36:44.140038 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 28672 request 0:''
2024-12-10 11:36:44.140066 ike V=root:0:XXXXXX IPsec:459: mode-cfg UNITY type 28672 requested
2024-12-10 11:36:44.140095 ike V=root:0:XXXXXX IPsec:459: mode-cfg no banner configured, ignoring
2024-12-10 11:36:44.140123 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 28678 request 0:''
2024-12-10 11:36:44.140152 ike V=root:0:XXXXXX IPsec:459: mode-cfg UNITY type 28678 requested
2024-12-10 11:36:44.140180 ike V=root:0:XXXXXX IPsec:459: mode-cfg type 25 request 0:''
2024-12-10 11:36:44.140225 ike V=root:0:XXXXXX IPsec:459:531: peer proposal:
2024-12-10 11:36:44.140259 ike V=root:0:XXXXXX IPsec:459:531: TSi_0 0:0.0.0.0-255.255.255.255:0
2024-12-10 11:36:44.140292 ike V=root:0:XXXXXX IPsec:459:531: TSr_0 0:0.0.0.0-255.255.255.255:0
2024-12-10 11:36:44.140322 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: comparing selectors
2024-12-10 11:36:44.140355 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: matched by rfc-rule-2
2024-12-10 11:36:44.140385 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: phase2 matched by subset
2024-12-10 11:36:44.140420 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: using mode-cfg override 0:10.72.76.61-10.72.76.61:0
2024-12-10 11:36:44.140452 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: accepted proposal:
2024-12-10 11:36:44.140485 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: TSi_0 0:10.72.76.61-10.72.76.61:0
2024-12-10 11:36:44.140517 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: TSr_0 0:0.0.0.0-255.255.255.255:0
2024-12-10 11:36:44.140548 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: dialup
2024-12-10 11:36:44.140600 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: incoming child SA proposal:
2024-12-10 11:36:44.140631 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: proposal id = 1:
2024-12-10 11:36:44.140661 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:   protocol = ESP:
2024-12-10 11:36:44.140690 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:      encapsulation = TUNNEL
2024-12-10 11:36:44.140721 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:         type=ENCR, val=AES_CBC (key_len = 128)
2024-12-10 11:36:44.140750 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:         type=INTEGR, val=SHA
2024-12-10 11:36:44.140780 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:         type=ESN, val=NO
2024-12-10 11:36:44.140809 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:         PFS is disabled
2024-12-10 11:36:44.140844 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: matched proposal id 1
2024-12-10 11:36:44.140872 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: proposal id = 1:
2024-12-10 11:36:44.140902 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:   protocol = ESP:
2024-12-10 11:36:44.140930 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:      encapsulation = TUNNEL
2024-12-10 11:36:44.140960 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:         type=ENCR, val=AES_CBC (key_len = 128)
2024-12-10 11:36:44.140990 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:         type=INTEGR, val=SHA
2024-12-10 11:36:44.141095 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:         type=ESN, val=NO
2024-12-10 11:36:44.141133 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531:         PFS is disabled
2024-12-10 11:36:44.141170 ike V=root:0:XXXXXX IPsec:459:IPSec VPN:531: lifetime=43200
2024-12-10 11:36:44.141254 ike V=root:0:XXXXXX IPsec:459: responder preparing AUTH msg
2024-12-10 11:36:44.141308 ike V=root:0:XXXXXX IPsec: adding new dynamic tunnel for xxx.xx.xxx.xx:24037
2024-12-10 11:36:44.144884 ike 0:XXXXXX IPsec_0:459: out C1ED4E56AA50B2A201D9466943A4A7D52E2023200000000500000150240001346424B36576F5B0A6113FEC3E8D2AE21246CF1E5F16AB700CB29859DDEAD0EF6F5435B46F24D8C2FFE2C7BC54E97FF0BD9DBDC2
65E45948EBF0F4685913FE109E95D3C5F6367815CB82F374C4D2D3DA58890A59930ADA9411943BEB7B980D05A073736F950A73CB11BB76A909723AA07E21E845C88FD3296504E6C31B66E714D2CCB68274BA1731241826238DC0A5DE4E3FA547EED34F107741ACC3DB133C39503AFE5
7180A067B1C04D2EEEDA48712C4719FF76F2DC753C959BBDDFDDC6021F0A41F154EF08F2A7DE2186AD71AD738FD9E90E9AAF92F7D8DB30CA356B7410E288526483D69EC1C369558C7A4210E18FABBCCB54BD2ECBB271B278DA1DD183EC2F5811527F9E7E79AC9DF72E0D67955DCD24E
E21EEE0F0F833E9A6F93282FD9FA790C42B10A0BB1095CCC4E7B721723DF
2024-12-10 11:36:44.145039 ike V=root:0:XXXXXX IPsec_0:459: sent IKE msg (AUTH_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=336, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000005, oif=7
2024-12-10 11:36:45.603028 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-10 11:36:45.603133 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=efc0d18a3dc02ab3/c64ee058a45ecf72:00000097 len=76
2024-12-10 11:36:45.603166 ike 0: in EFC0D18A3DC02AB3C64EE058A45ECF722E202508000000970000004C000000309E635FD5101BE16277451C6DF4A9907176D73E5DBE09D628D646C82D4A541FEC338915D7BB1EF3B9BE40D3C1
2024-12-10 11:36:49.414823 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=80....
2024-12-10 11:36:49.414915 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000006 len=80
2024-12-10 11:36:49.414950 ike 0: in C1ED4E56AA50B2A201D9466943A4A7D52E202508000000060000005000000034DD1AE9CC6A4DD0B3D3D5CC57CD6FEB582151DBFF0C79A2FE6EC7A28691012B81BE535BD90ED70E9A790F2BE3260A7A49
2024-12-10 11:36:49.415135 ike 0:XXXXXX IPsec_0:459: out C1ED4E56AA50B2A201D9466943A4A7D52E202520000000060000005000000034039AD27F33042472CBAACDFD2354D842067F79F6925E68EE4C4C779A9DDF3EA51AC65863384B3A922F0DCB2E57E2388D
2024-12-10 11:36:49.415217 ike V=root:0:XXXXXX IPsec_0:459: sent IKE msg (INFORMATIONAL_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=80, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000006, oif=7
2024-12-10 11:36:53.275191 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-10 11:36:53.275295 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=c87c0c2ee891eeb5/0d86f6dc7c1926d8:0000006b len=76
2024-12-10 11:36:53.275329 ike 0: in C87C0C2EE891EEB50D86F6DC7C1926D82E2025080000006B0000004C000000309E217B52E0E4C116D5934E21FA420327118B9056A13819E575BBF891B90165358BCAE8983539BE162E306D17
2024-12-10 11:36:54.508733 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=80....
2024-12-10 11:36:54.508838 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000007 len=80
2024-12-10 11:36:54.508874 ike 0: in C1ED4E56AA50B2A201D9466943A4A7D52E202508000000070000005000000034E371737C35A60367CEFB8FADB6B0E2ECE355EB6B024CA7A31328992F961A415F62BAFE85E2045092D344217DDC34079A
2024-12-10 11:36:54.509051 ike 0:XXXXXX IPsec_0:459: out C1ED4E56AA50B2A201D9466943A4A7D52E202520000000070000005000000034160084771A7C1012C373B45AAB8A915DA25076C0A01FF29C4C0D64E3551D5BDF5E9D887492898FF1127176C61B914530
2024-12-10 11:36:54.509144 ike V=root:0:XXXXXX IPsec_0:459: sent IKE msg (INFORMATIONAL_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=80, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000007, oif=7
2024-12-10 11:36:55.603257 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-10 11:36:55.603365 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=efc0d18a3dc02ab3/c64ee058a45ecf72:00000098 len=76
2024-12-10 11:36:55.603399 ike 0: in EFC0D18A3DC02AB3C64EE058A45ECF722E202508000000980000004C0000003016D22DCF5CBA5AF284E6CD37B3CD0857D50E50B11E05060CEF3832854708559E28310B61AB84B00260BE41CC
2024-12-10 11:36:59.558692 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=80....
2024-12-10 11:36:59.558779 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000008 len=80
2024-12-10 11:36:59.558813 ike 0: in C1ED4E56AA50B2A201D9466943A4A7D52E202508000000080000005000000034C88843B82C85DC7AB828B9CBB1FE713144BD03208459123C5A59EAD4A818B7FCB84C08A957226001F167321041CF10FB
2024-12-10 11:36:59.558967 ike 0:XXXXXX IPsec_0:459: out C1ED4E56AA50B2A201D9466943A4A7D52E2025200000000800000050000000343FA57A7368C2402D1544F3F87AF9982DBD10BF9F61A1E097036F02038B40B4AFCC7A105AA9F0E50AC716CED0E1E63CBF
2024-12-10 11:36:59.559050 ike V=root:0:XXXXXX IPsec_0:459: sent IKE msg (INFORMATIONAL_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=80, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000008, oif=7
2024-12-10 11:37:02.314572 ike V=root:0: comes xxx.xx.xxx.xx:24037->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=80....
2024-12-10 11:37:02.314676 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000009 len=80
2024-12-10 11:37:02.314711 ike 0: in C1ED4E56AA50B2A201D9466943A4A7D52E20250800000009000000502A000034C5C08505E3DCE38965232B182DF9A2C80F258333AE906A904BE91A283C6DFF5AE41F03A80DE707F79709769AB959F373
2024-12-10 11:37:02.314888 ike 0:XXXXXX IPsec_0:459: out C1ED4E56AA50B2A201D9466943A4A7D52E202520000000090000005000000034EC548327AEFBA84A6BB5033621F66B9BA9BD29844DADC1703A687AE85FC2878BA7F8FE8373C1820C57A96D3586F8AB83
2024-12-10 11:37:02.314993 ike V=root:0:XXXXXX IPsec_0:459: sent IKE msg (INFORMATIONAL_RESPONSE): xx.xx.xx.xx:500->xxx.xx.xxx.xx:24037, len=80, vrf=0, id=c1ed4e56aa50b2a2/01d9466943a4a7d5:00000009, oif=7
2024-12-10 11:37:03.275750 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-10 11:37:03.275854 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=c87c0c2ee891eeb5/0d86f6dc7c1926d8:0000006c len=76
2024-12-10 11:37:03.275897 ike 0: in C87C0C2EE891EEB50D86F6DC7C1926D82E2025080000006C0000004C00000030887C2EB295D06B7277C35D049CB9415FC39C32CCF6937A0F26B8B404F9924224B27A1D18C3D6CD534A05EEE5

 

 

 

I have already researched on the internet and tried various things.

-> disable IPV6 on the WiFi/NIC Adapter

-> KB2693643 - But this update is not installed on my device.

-> RSAT is not installed on my device.

 

Best Regards
fabs

Labels:
492
0 Kudos
14 REPLIES 14
fabs
New Contributor III
In response to sjoshi

Created on ‎12-12-2024 05:49 AM

@sjoshi 

Unfortunately, I'm at the end of my ideas.

I have now set up a fresh none domain workstation with Windows 11 Pro 24H2 with all updates. FortiClientVPN 7.4.1.1736 installed
VPN Config is identical to mine from my corporate domain notebook.
When I connect now, I get the SSO prompt but the tunnel is not established.

100f_serverroom # diag debug reset

100f_serverroom # diag debug console timestamp en

100f_serverroom # diag vpn ike log filter name "****** IPsec VPN"

100f_serverroom # diag debug application ike -1
Debug messages will be on for 30 minutes.

100f_serverroom # diag debug enable

100f_serverroom # 2024-12-12 14:42:05.644046 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:05.644179 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005ad len=76
2024-12-12 14:42:05.644219 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005AD0000004C0000003016811154325DFE8BF03CF091F3049F818DCEE06478B512A5192C43D9D47AA7EF348D23CDEC384CE845E12F74
2024-12-12 14:42:06.900003 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:06.900114 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005d9 len=76
2024-12-12 14:42:06.900154 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005D90000004C000000308098DCD76127C0EE442CB9D70FD3D5E7B4C4501E121BEEF3F82055CABF97FE2692A7310BA9E52D2B22EEC726
2024-12-12 14:42:15.644365 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:15.644493 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005ae len=76
2024-12-12 14:42:15.644532 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005AE0000004C000000303A1CB9D71302C376AC2DF5624EB340491B6BB89F4BBBA0F714349D294456C85D5C5705F36E93FFE1EEB213C8
2024-12-12 14:42:16.900830 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:16.900966 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005da len=76
2024-12-12 14:42:16.901094 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005DA0000004C0000003013EA6CDA7880D700B0684416F2EAACB1ADBB54A9F74265361AD6E8E0F5E4CB2A54CED5C18AA50E8B76EAB839
2024-12-12 14:42:25.644789 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:25.644912 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005af len=76
2024-12-12 14:42:25.644952 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005AF0000004C0000003001DBAF12AAE3642499AD16CD95B4DFCBB99D3BD496D486341DB3E062DA61BE08D0AC87008D34D28F6F47D47C
2024-12-12 14:42:26.900888 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:26.900996 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005db len=76
2024-12-12 14:42:26.901113 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005DB0000004C00000030DBEC26DC02ADAA8748F5926D58C57B543DAECB1382FC78DF31B5F01507891CD7292363F8E5C4D84617555542
2024-12-12 14:42:35.645128 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:35.645245 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b0 len=76
2024-12-12 14:42:35.645285 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B00000004C000000302350CC310EBEAF12ED80E2F6B6058181620CE4D40B403A6F5583AB70B8D175D2013019F8A40994E60BD74229
2024-12-12 14:42:36.901214 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:36.901324 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005dc len=76
2024-12-12 14:42:36.901363 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005DC0000004C000000303EED12E446C93185AC688C81CE99D38C481A4C9F51BC60E7A3C094DD890130673088865C6F3ABFB79CAC64BD
2024-12-12 14:42:45.645360 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:45.645481 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b1 len=76
2024-12-12 14:42:45.645520 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B10000004C00000030C9EAF64DD2EED91F4AEAA0A926ABD7455CCAC7F3400C31800599C5E1AB2ECE11519DBDC53C1EABE69EF3CBA5
2024-12-12 14:42:46.901691 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:46.901802 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005dd len=76
2024-12-12 14:42:46.901841 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005DD0000004C00000030EF169C13BAB5DDCE30A384011913EA88DC125F9FE3E9857D504433B53AB0A276F4D0CCCDF8DB492EFE54EF0E
2024-12-12 14:42:55.645752 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:55.645872 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b2 len=76
2024-12-12 14:42:55.645912 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B20000004C0000003021083C7D530FD0D11A453DB47BFFC10F4DBFC4469E9B012B190D8116869C9540A8D0AA7C3FFDBCB367F27D46
2024-12-12 14:42:56.901780 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:42:56.901890 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005de len=76
2024-12-12 14:42:56.901928 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005DE0000004C0000003073BC2D502DE6C2EFD740EE0F70AC500D4C16E83E33B991F7F21557C293987BB8611C64706B14E9E51FCB39EA
2024-12-12 14:43:05.646664 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:05.646778 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b3 len=76
2024-12-12 14:43:05.646818 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B30000004C000000306A2066A76D7FE97FDB5BFF77DD50078EED58E29867FF9915B235B782173633A580DDD988F905AC42A51E26AF
2024-12-12 14:43:06.902102 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:06.902217 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005df len=76
2024-12-12 14:43:06.902256 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005DF0000004C00000030FDECE114CCDB18D77C52069CA60854F4F16DB94B5F897634FA4E3AA8EF326E80F1D0BCD2228AA88B3C959CE0
2024-12-12 14:43:15.646988 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:15.647116 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b4 len=76
2024-12-12 14:43:15.647156 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B40000004C000000305D53724D783220457A8C693CB9E5A7256295086DC0889CBD335DF48DE9588B937851A7303F391FB7687F23AD
2024-12-12 14:43:16.902428 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:16.902551 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005e0 len=76
2024-12-12 14:43:16.902590 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005E00000004C00000030AE22BDD9E210F2766E4ED1C85540DB9EC880DB347DED6AB93E1036145C79BCBF9A2695037724EBCF34925560
2024-12-12 14:43:25.648372 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:25.648495 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b5 len=76
2024-12-12 14:43:25.648534 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B50000004C000000300720281407E599CA813FE786120489EAB6FAE4073F45C6B24BAC80E2D3245AE349BADC6DD7920C09821257DE
2024-12-12 14:43:26.902761 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:26.902878 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005e1 len=76
2024-12-12 14:43:26.902917 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005E10000004C000000309CED1D30D4BB6371B0E2ED2651C17B9704BC09335BD16A968F19CD7E1436A16FF07C6EF808FF69F432E24CE6
2024-12-12 14:43:35.648614 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:35.648738 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b6 len=76
2024-12-12 14:43:35.648777 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B60000004C00000030F0C0F6D4788C6180E32D5A1B7A8515D6B64730D37269516DFBD547C5E0B918483BA4602D737D405B3BEB6EA5
2024-12-12 14:43:36.903278 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:36.903407 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005e2 len=76
2024-12-12 14:43:36.903446 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005E20000004C00000030A78F0C3B369C3D21F773EA8B602EB147140E24CC990A5026F16A2A565931290EEC451C3257F20655B0B0435F
2024-12-12 14:43:45.649198 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:45.649326 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b7 len=76
2024-12-12 14:43:45.649365 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B70000004C00000030A05EFCFC1656747BD4AB471FD6F4EA404B2C85FDBE97FECC8E37B26D97302C48916EDFE9F2467938004D9BD1
2024-12-12 14:43:46.903525 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:46.903641 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005e3 len=76
2024-12-12 14:43:46.903680 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005E30000004C00000030BF8CFB155602285E00315418775F0FB1200433340A8135E5D4799548929DB497E62B27EE9EFF80B9C25F33DF
2024-12-12 14:43:55.649487 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:55.649612 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b8 len=76
2024-12-12 14:43:55.649651 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B80000004C000000307DE59F6C8B7DBA9AB8E411E5662C6AE0B279B2B0B59127E444F72E3A30152492A98E492CCB3F81F39FD90108
2024-12-12 14:43:56.903725 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:43:56.903832 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005e4 len=76
2024-12-12 14:43:56.903871 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005E40000004C00000030996A66E121512EDFB11BBDD79FC58A77583AF0421EDEC84076C5AAF9B66E7170A8E6B70C0D4440A6ED940A52
2024-12-12 14:44:05.649818 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:44:05.649955 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005b9 len=76
2024-12-12 14:44:05.649995 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005B90000004C000000301796E02B1B861C8756C2FB3ABE222EBAE4E6E471502F3B4CA4FD7FAC94B5A5FC9FE4C6ABEB38B3EE34AD3267
2024-12-12 14:44:06.904178 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:44:06.904288 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005e5 len=76
2024-12-12 14:44:06.904326 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005E50000004C00000030042CF4141B15166FD4B8D8BD2C936E00E9F06D82BE1C98DFEF9D4B86FCF236CA87AAC4DADD557E6F54579994
2024-12-12 14:44:12.207000 ike V=root:0: comes 109.43.179.142:16648->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=409....
2024-12-12 14:44:12.207125 ike V=root:0: IKEv2 exchange=SA_INIT id=de6afe741bae3ffb/0000000000000000 len=409
2024-12-12 14:44:12.207166 ike 0: in DE6AFE741BAE3FFB00000000000000002120220800000000000001992200005C0200002C010100040300000C0100000C800E00800300000802000002030000080300000200000008040000050000002C020100040300000C0100000C800E01000300000802000005030000080300000C0000000804000005280000C800050000B15AD9A64AD0C98149A2FA0BC6F1170FF9A41C830CDEBEEBE638E87566EE59FCC73E9B72133A33B2593DDAE5F1A48AA7D08A7F27A42D220E28C38D94E9A332CACFE39B8D445463645D9571964CC0FADD72850CA3993A67F24ED5AE3E97540600AE86DFB91ABFC0733E302592223D86B00B2CB5D621019979BAB408D60A136C3B8F530C18544678EFEC54413F3C5BBDC6E8D91714C1A7951F1309A201B055A54EC79EE8CE13E49068676CE05BCCECE419082B5A31DE5E704BA7BE318341C063042B000014C8F54C8DDEC25C67A8B501BBA3E7C84A2B0000144C53427B6D465D1B337BB755A37A7FEF2B000014B4F01CA951E9DA8D0BAFBBD34AD3044E29000014C1DC4350476B98A429B91781914CA43E000000090000F05000
2024-12-12 14:44:12.207272 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: responder received SA_INIT msg
2024-12-12 14:44:12.207320 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
2024-12-12 14:44:12.207365 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
2024-12-12 14:44:12.207409 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: VID Forticlient EAP Extension C1DC4350476B98A429B91781914CA43E
2024-12-12 14:44:12.207454 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: received notify type VPN_NETWORK_ID
2024-12-12 14:44:12.207498 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: NETWORK ID : 0
2024-12-12 14:44:12.207550 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: incoming proposal:
2024-12-12 14:44:12.207593 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: proposal id = 1:
2024-12-12 14:44:12.207627 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:   protocol = IKEv2:
2024-12-12 14:44:12.207659 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:      encapsulation = IKEv2/none
2024-12-12 14:44:12.207694 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=ENCR, val=AES_CBC (key_len = 128)
2024-12-12 14:44:12.207728 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=INTEGR, val=AUTH_HMAC_SHA_96
2024-12-12 14:44:12.207762 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=PRF, val=PRF_HMAC_SHA
2024-12-12 14:44:12.207796 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=DH_GROUP, val=MODP1536.
2024-12-12 14:44:12.207838 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: proposal id = 2:
2024-12-12 14:44:12.207870 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:   protocol = IKEv2:
2024-12-12 14:44:12.207902 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:      encapsulation = IKEv2/none
2024-12-12 14:44:12.207936 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=ENCR, val=AES_CBC (key_len = 256)
2024-12-12 14:44:12.207970 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=INTEGR, val=AUTH_HMAC_SHA2_256_128
2024-12-12 14:44:12.208004 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=PRF, val=PRF_HMAC_SHA2_256
2024-12-12 14:44:12.208037 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=DH_GROUP, val=MODP1536.
2024-12-12 14:44:12.208094 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: matched proposal id 2
2024-12-12 14:44:12.208137 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: proposal id = 2:
2024-12-12 14:44:12.208170 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:   protocol = IKEv2:
2024-12-12 14:44:12.208202 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:      encapsulation = IKEv2/none
2024-12-12 14:44:12.208236 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=ENCR, val=AES_CBC (key_len = 256)
2024-12-12 14:44:12.208270 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=INTEGR, val=AUTH_HMAC_SHA2_256_128
2024-12-12 14:44:12.208316 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=PRF, val=PRF_HMAC_SHA2_256
2024-12-12 14:44:12.208346 ike V=root:0:de6afe741bae3ffb/0000000000000000:577:         type=DH_GROUP, val=MODP1536.
2024-12-12 14:44:12.208375 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: lifetime=86400
2024-12-12 14:44:12.208413 ike V=root:0:de6afe741bae3ffb/0000000000000000:577: SA proposal chosen, matched gateway ****** IPsec
2024-12-12 14:44:12.208488 ike 0:****** IPsec:577: FCT EAP 2FA extension vendor ID received
2024-12-12 14:44:12.296156 ike V=root:0: comes 109.43.179.142:16648->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=608....
2024-12-12 14:44:12.296255 ike V=root:0: IKEv2 exchange=AUTH id=de6afe741bae3ffb/5c25a4832441d570:00000001 len=608
2024-12-12 14:44:12.296297 ike 0: in DE6AFE741BAE3FFB5C25A4832441D5702E202308000000010000026023000244BDE48FC02B463705823FCB0899AB8D0140FCFCD4FDF6C27A6A5CF52954151B26690716E4F837BE9539957C94DA2950D733BC4C6A2AEE103A4D5D51DAFBBD56426243A7B70FCE6B44E94DE3030A05D6446417D300B9FF2D7446E74EE026506FCD4756DFBF9993B986F032EE8820C9B4CC6E4A7B83128BF9FD80D4E254704AA424E4A9EAA62C5B28E9FA259BAC6DD3ABCC18DDFC3B24D45720965162E3EA2F49D5EB1A618D7C199FDBDDB39F5104849D18ADF0B3A25014CA5C8037C4C22365E081BD5E3D8E7185A99760BAE8FAEBD67012400B939B7DD5DBE1F3EEF3A1F510BB2EF59C944E3BDFE15CB64455A49960F78E7C23A265FA68EA1EBEFACEC4A98BE4C4CB96F98AD830415D305E641D1147A573F79755D19B63FA7191629C17DA4F17AD129A465A05600C3C4FBFCA6B97935A600413192FF07C50D91E1DAA2C9FD757C5BB85C7ABFC33EBB88FC43AF9AF4D541C5804D3FB0639179BB18165607A8B4539584760E88774994FB21EA8C5740C20A8B8302229D31D81AFC5688AAF49FB5601C9AB5F2BA88046240B0E8C2C480D5C7EF82B5150BD4D232E51D69242A3EECD67EDD81103A1B3992111ECD934EEB6163624E6BC9624591AAC99460046920B44422F6E04D58D73210C2370B58777E83B15A422AD1E5657D966E970086B1A09C750D8F3377466577301F838B0C6A68BADC3B0752A49EB5E3E76363314260A8BB077095FB3E213560C602638DF2E24BA5EA10834553708C4C2CE10B9D4C410D93AC8295DA724E80A95E8BB8FA80FDB11091FBC723CE726CFE9D6288EC63A6454BD16
2024-12-12 14:44:15.650212 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:44:15.650305 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005ba len=76
2024-12-12 14:44:15.650339 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005BA0000004C000000307BF16CC964AFBA71A933FEDD2243AE4B5D2DDFD5A1AD878A5AC2ED12233AF23E8EB485A32FCEE6EA176A07CD
2024-12-12 14:44:16.905007 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:44:16.905119 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005e6 len=76
2024-12-12 14:44:16.905158 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005E60000004C00000030F9660E52CC65CD5E9F601D5C298BD36D7F6BE14918E1B2449473F3F26B2AB06D6FB0578D936BBE0CEB8C2ADA
2024-12-12 14:44:25.650775 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:44:25.650890 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005bb len=76
2024-12-12 14:44:25.650929 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005BB0000004C00000030C425E3452C0FF9586631B92785EA8ED2FACB32A59B320B543BC4E2B33C2E5B18F8B722BD6F3EFB8D0AABB545
2024-12-12 14:44:26.904961 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:44:26.905073 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005e7 len=76
2024-12-12 14:44:26.905111 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005E70000004C0000003022A53EEC12CBE76A9AFFA7955C8D0A7BA8DB56CB340DDDA95A9305DE492746C3D98E2C3A93AF4B436347B348
2024-12-12 14:44:35.651161 ike V=root:0: comes 34.199.9.216:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:44:35.651288 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=bccf6e1dbcdef9f1/fc74814d3b49379f:000005bc len=76
2024-12-12 14:44:35.651327 ike 0: in BCCF6E1DBCDEF9F1FC74814D3B49379F2E202508000005BC0000004C00000030F3B10D043E9AA1628FF631833CAE714C0161D9684E49B8D19583029B9110BA1F756D5C5D29BA463D9AD48F07
2024-12-12 14:44:36.905288 ike V=root:0: comes 44.221.5.255:500->xx.xx.xx.xx:500,ifindex=7,vrf=0,len=76....
2024-12-12 14:44:36.905400 ike V=root:0: IKEv2 exchange=INFORMATIONAL id=ef39b7f59b4da1e0/4479d09ca6edaeaa:000005e8 len=76
2024-12-12 14:44:36.905440 ike 0: in EF39B7F59B4DA1E04479D09CA6EDAEAA2E202508000005E80000004C00000030CA8562090A0FADA688F0D023C20CD8EB51203D43F4AA229C621947CDF1B4625F9F7A54ED952B2317B1EB01FB


The FCT Diagnostic looks like not available with FortiClientVPN free version. 

115
0 Kudos
fabs
New Contributor III
In response to fabs

Created on ‎12-12-2024 06:35 AM

But what I can see is in the gui_1_error.log

[2024-12-12 15:30:09.8651563 UTC+02:00] [1428:1740] [guimessenger  238   error] failed to open shared memory. GLE=2
[2024-12-12 15:30:12.4077014 UTC+02:00] [1428:1740] [guimessenger  238   error] failed to open shared memory. GLE=2



108
0 Kudos
fabs
New Contributor III
In response to fabs

Created on ‎12-12-2024 12:27 PM

@sjoshi 

I've also tried with the new version of FortiClientVPN 7.4.2.1737 but it's the same behavior.
Could you confirm that these issues are not related to my Fortigate Firmware v7.6.1 build3457 ?

80
0 Kudos
fabs
New Contributor III
In response to fabs

Created on ‎12-13-2024 04:43 AM

@sjoshi 

Now I was able to establish a connection on the Windows 10 Non Domain computer, it was the preshared key, I had mistyped. :(

But here is exactly the same problem. The tunnel is established, but no incoming traffic.

I have now executed the following command, "diagnose vpn ike gateway list" and compared both connections. Windows (no incoming traffic) and iPhone all working fine.

They only differents here is "nat: peer" which is logged on my iPhone connection, but not on my Windows connection.
What does this mean? NAT Traversal is enabled on my Tunnel, was also testing NAT Traversal forced, but same behavior

60
0 Kudos
fabs
New Contributor III
In response to fabs

Created on ‎12-13-2024 04:56 AM

@sjoshi 

So now I have finally managed it, now I also get incoming traffic and the log now also shows “nat: peer” for the Windows connection

but, this now works if I change “Encapsulation” from “IKE UDP Port” to “Auto (UDP fallback TCP)” in the “Expert Settings” in FortiClientVPN.

However, the log still says transport: UDP, what could be the problem here that it only works if I set it to Auto, but it still establishes the connection via UDP?

 

57
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.