Hello,
I am experiencing an issue when I am trying to create an IPSec VPN tunnel.
I have tried this on both Fortigate 60D and 200D with v5.2.3,build670 (GA) firmware.
When trying to create a tunnel using the GUI wizard, at the final step just before creating the tunnel, I receive the error: "Empty Values Not Allowed" and the tunnel is not created.
All fields are filled in and I really do not know what the problem is.
I have tried to restart the units as well as to backup the config and restore it to another fortigate unit but I receive the same error...
Any help would be much appreciated!
Thanasis
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
hi,
just try to create the tunnel in CLI (console window or ssh):
conf vpn ipsec phase1-interface
edit new_vpn
...
next
end
conf vpn ipsec phase2-interface
edit new_tunnel
...
next
end
Any existing VPN should give you the idea which parameters are mandatory (interface, proposal,...) and which are not.
Which kind of tunnel are you going to create: main mode, dynamic or static remote gateway,...?
Glad it works for you now.
There's 2 ways to see this:
1 - you really want to understand why and how
2 - you need a result
If you want to go way 1, just open the wizard on the newly created tunnel definition and start deleting one value after the other, until the GUI stops you. Even then, sometimes it's a browser issue, or will not happen if the Fortigate is freshly rebooted. Or some of the parameters used have funny characters, or spaces where the GUI won't accept it (but the CLI will).
And somehow you very often go way 2.
Ops_Tech wrote:Hi Thanasis,
I am having the same issue, did you ever find a resolution?
Thanks
Hello,
I found out that if you copy-paste any of the values, it will not work...
Also, if you have strange characters in the tunnel's password like [^&%")(] the wizard will give you that error as it looks like it brakes the command the FortiGate is running...
Hope this helps.
Regards,
Thanasis
hi,
just try to create the tunnel in CLI (console window or ssh):
conf vpn ipsec phase1-interface
edit new_vpn
...
next
end
conf vpn ipsec phase2-interface
edit new_tunnel
...
next
end
Any existing VPN should give you the idea which parameters are mandatory (interface, proposal,...) and which are not.
Which kind of tunnel are you going to create: main mode, dynamic or static remote gateway,...?
Thank you very much for your help!
I created the tunnel through CLI but i do not understand what the issue with the GUI is...
The tunnel i am trying to create is a static remote gateway.
Thanasis
Glad it works for you now.
There's 2 ways to see this:
1 - you really want to understand why and how
2 - you need a result
If you want to go way 1, just open the wizard on the newly created tunnel definition and start deleting one value after the other, until the GUI stops you. Even then, sometimes it's a browser issue, or will not happen if the Fortigate is freshly rebooted. Or some of the parameters used have funny characters, or spaces where the GUI won't accept it (but the CLI will).
And somehow you very often go way 2.
Hi Thanasis,
I am having the same issue, did you ever find a resolution?
Thanks
Ops_Tech wrote:Hi Thanasis,
I am having the same issue, did you ever find a resolution?
Thanks
Hello,
I found out that if you copy-paste any of the values, it will not work...
Also, if you have strange characters in the tunnel's password like [^&%")(] the wizard will give you that error as it looks like it brakes the command the FortiGate is running...
Hope this helps.
Regards,
Thanasis
Ops_Tech wrote:
I found out that if you copy-paste any of the values, it will not work...
Also, if you have strange characters in the tunnel's password like [^&%")(] the wizard will give you that error as it looks like it brakes the command the FortiGate is running...
How is it that this glaring bug has STILL not been fixed?
This is also happening for me on 5.6.2, tried removing all spaces from the names I'm using, even without copy/pasting I still get the error:
"-56: Empty values are not allowed." After trying for I think the seventh time, I finally got no error, but then the OK button did nothing... I navigated back to IPSEC tunnels page thinking maybe it's done and I just didn't get redirected, nope not in the list.
Another bug: I'll be halfway through entering data into the fields for a new custom IPSEC tunnel and it just reverts back to some template called forticisco(I tunnel I tried to create months ago) - EDIT: this seems to be a caching issue - Login to the Fortigate with Chrome in Incognito mode and this behaviour stops.
I've come to accept that bugs are fairly normal for Fortigates, but hey as long as the dashboards look good and work well!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.