Hello,
I'd like to create an IPsec DialUp tunnel with FortiClients at the remote site using certificates. I've already created the tunnel and imported the self-signed server certificate and CA certificate on the FortiGate and the self-signed client certificate on the client. Additionally, I added the CA and server certificate to the trusted certificates pool in Windows. This brings me to my first question: is this even necessary?
The DialUp tunnel is working properly with pre-shared keys. I've already run diag debug app ike -1, but this doesn't help me much, since there I only see that there is a mismatch with the certificates. In the attached file you can see the output of the debug command. (The localVPN is a site-to-site tunnel.)
Thanks in advance!
Daniel