Hi folks,
I have a little (big?) problem trying to configure a Mikrotikrouterboard to connect to a FGT100D.
The Mikrotik is sitting behind a router which points to the internet.The Router gives a LAN-address to the Mikrotik WAN-Port.
192.168.0.101/24.
The Mikrotik itself, gives connected Clients the IP-Range 192.168.88.0/24.
The official IP for connections to the internet is 77.110.xxx.yyy (static).
I am trying to connect to a LAN behind the Fortigate (10.0.0.0/24)
If I set up a IPSEC Dialup VPN the phase 1 is working properly, but I am struggeling with phase2 which never comes up.
My question is: As it is a dialup-connection initiated from the Mikrotik, which IP-Adresses do I have to use in the VPN Settings for local and remote Network?
What is the SA Src. Address / SA Dst. Address. In my opinion this should be the official IPs of both ends?
thx!
Opps. You're right Coberas, I copied from another configuration in which I used ikev1, sorry! The configuration should work the same with both ike v1 or v2, provided you use the same on both ends.
The DDNS is configured both via CLI or GUI.
Regards.
f.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.