I was trying to set up my IPSEC VPN profiles to pull IP from my centralized DHCP server with the assistance from the following article: http://cookbook.fortinet....external-dhcp-service/
From the CLI I perform the following commands below:
config vpn ipsec phase2-interface edit "MobileVPN-2" set dhcp-ipsec enable
after entering the "set dhcp-ipsec enable" it errors out "Command failed Return code -61"
Is there anyway to pull IP Addresses from an internal DHCP for centralized management with fortigate and IPSEC VPN ?
Fortigate 100D. Firmware 5.2.7
I did confirm it works on 100E's firmware v 5.4.1 build 5654.
Same problem here.
After entering the "set dhcp-ipsec enable" it gives error.
FG60E 5.6.3
I tried to change a mode config VPN to VPN with DHCP over IPSec and the command in phase 2 was not available. After I go to phase 1 and set mode config disable the command in phase 2 was available. conf vpn ipsec phase1-interface
edit "dhcp_vpn"
set mode-cfg disable
end
conf vpn ipsec phase2-interface
edit "dhcp_vpn"
set dhcp-ipsec enable
end
This was on Fortigate 90D with FortiOS 5.4.5
I did not test the functionality yet. But I could use the command.
I hope that helps.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.