Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ago_icaar
New Contributor

Created on ‎09-16-2021 07:46 AM

Fortigate - Cisco router IKEv2 with set network-id

Hi,

 

I need to establish a tunnel with an existing VPN IPSec configuration. The configuration are routed base topology. I have several tunnel between Fortigate and bgp routing, no problem for that. But I need connect Cisco router in ipsec IKEv2. I tested to UP this tunnel in a lab, it's OK, but in my actual config I need use command "set network-id xx".

But for the cisco router, I don't find this attribute in IKEv2 negotiation.

 

Thank you for your help

2305
0 Kudos
1 REPLY 1
vsharma
Staff
Staff

Created on ‎07-18-2023 07:20 AM

Hello,

 

 

The network ID is a Fortinet-proprietary attribute that is used to select the correct phase 1 between IPsec peers, so that multiple IKEv2 tunnels can be established between the same local/remote gateway pairs.

So it may not be available in Cisco.

Please refer below and see if you have a use case to use network-id.

 

 - https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/790613/phase-1-configuration

It's explained under "Additional CLI configurations".

 

Please upvote and mark as resolved if it helps.

 

Thanks.

1309
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.