Hi All,

I would like to use manual ipsec insteal of auto ipsec, because somethimes my two fortigates re-build ipsec in few minitues.

This is my two sietes.

Site A ForitgateA -ISP A  ---  IPS B - FortigateB Site B

I can't find an example, so that I configure manual ipsec refer to this link https://help.fortinet.com/cli/fos50hlp/54/Content/FortiOS/fortiOS-cli-ref-54/config/vpn/ipsec_manual...

FortigateA

config vpn ipsec manualkey-interface edit "MAN1" set interface "port1" set enc-alg des set remote-gw FortigateB IP set enc-key 'ENC PKB+ciJiGv6ceXlLeOZe34s6Bt67XAdf0EwspCOe5ABkZ5LKDEpqVcORx0y8LWLwOjjlhn0Y/SDEGgf62HCN0EtcTbghaWfTfuI56XWRQlsefDB/GhwNOhPjZ9w+hpAh0xqGNz5N+T5j1bhnHCF9s3EFQ07IWr+Dk5WxFL4VNwNydsmRqQqk/yWBklGFNMu/OSaQmA==' next

config router static edit 1 set distance 1 set virtual-wan-link enable next edit 2 set dst 192.168.1.0 255.255.255.0 set device "MAN1"

FortigateB

config vpn ipsec manualkey-interface edit "MAN1" set interface "port2" set enc-alg des set remote-gw ForitigateA IP set enc-key 'ENC PKB+ciJiGv6ceXlLeOZe34s6Bt67XAdf0EwspCOe5ABkZ5LKDEpqVcORx0y8LWLwOjjlhn0Y/SDEGgf62HCN0EtcTbghaWfTfuI56XWRQlsefDB/GhwNOhPjZ9w+hpAh0xqGNz5N+T5j1bhnHCF9s3EFQ07IWr+Dk5WxFL4VNwNydsmRqQqk/yWBklGFNMu/OSaQmA==' next end

config router static edit 1 set distance 1 set virtual-wan-link enable next edit 2 set dst 172.16.0.0 255.255.0.0 set device "MAN1" next

In ipv4 policy, I permit all to all. But it doesn't work. Could anyone tell me how I should configure? Thank you in advance!