Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ergalez
New Contributor

Created on ‎11-24-2021 04:12 PM

IP Sec Tunnel Interface is UP, but i can't do a ping to remote pc

Hi, I have 2 fortigates a 60E and a 20C I have established the IPSec tunnels for site-to-site vpn. The tunnel in both fortigates appears to me to be up, but I cannot ping between the lan networks. I have set the static route and added the access policies. I don't know what else to do. And if I check the IPSec monitor, I see that there is incoming and outgoing traffic.evidencia.png

Labels:
9989
0 Kudos
21 REPLIES 21
Harbib
Staff
Staff

Created on ‎12-01-2021 09:30 AM

Hello,

You can try disabling the NP acceleration for IPSEC VPN phase 1 on the 60E, and perform the test again

https://docs.fortinet.com/document/fortigate/7.0.0/hardware-acceleration/636026/disabling-np-acceler...

 

 

1053
0 Kudos
ergalez
New Contributor
In response to Harbib

Created on ‎12-01-2021 08:04 PM

Hi, thank you four your time, i disable the NP acceleration for IPSEC VPN phase 1 and  i still can't receive inbound traffic and port 500 is still used when i do this command.

diag sniffer packet any 'host <peer public ip>' 6 0 a

 

1046
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.