Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ergalez
New Contributor

IP Sec Tunnel Interface is UP, but i can't do a ping to remote pc

Hi, I have 2 fortigates a 60E and a 20C I have established the IPSec tunnels for site-to-site vpn. The tunnel in both fortigates appears to me to be up, but I cannot ping between the lan networks. I have set the static route and added the access policies. I don't know what else to do. And if I check the IPSec monitor, I see that there is incoming and outgoing traffic.evidencia.png

22 REPLIES 22
Harbib
Staff
Staff

Hello,

You can try disabling the NP acceleration for IPSEC VPN phase 1 on the 60E, and perform the test again

https://docs.fortinet.com/document/fortigate/7.0.0/hardware-acceleration/636026/disabling-np-acceler...

 

 

ergalez
New Contributor

Hi, thank you four your time, i disable the NP acceleration for IPSEC VPN phase 1 and  i still can't receive inbound traffic and port 500 is still used when i do this command.

diag sniffer packet any 'host <peer public ip>' 6 0 a

 

pavankr5
Staff
Staff

Hello,

 

Please check this article on Not able to ping the Ipsec VPN remote peer network 
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Not-able-to-ping-the-Ipsec-VPN-remot...

Thanks

Pavan

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors