Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
Its possible that a VIP is configured on either of the firewalls for the external public IP on which the IPsec tunnel is terminated. Please check and remove the VIP if any.
Regards,
Deepak
I'm having the same problem. The error doesn't make much sense since the remote address is a.b.y.z. but the error says the remote address a.b.c.d.
Hi,
Its possible that a VIP is configured on either of the firewalls for the external public IP on which the IPsec tunnel is terminated. Please check and remove the VIP if any.
Regards,
Deepak
omg your right, an old VIP that I wasn't using was somehow being used for that VPN.
thanks!
i am facing an issue in site to site ipsec vpn, tunnel is up , and i can access remote LAN. but remote lan can not access me, although the policies which i made for remote lan, in that policy i allowed access for remote lan, but still other party is unable to access my lan, can any body guide me what can be the issue.
thank you in advance.
The diag debug flow is your 1st command and step in diagnostics. I would execute it and review the output. I would suspect the fwpolicy-id ordering or lack or incorrect route
PCNSE
NSE
StrongSwan
Hi,
I meet the error as well , there is a Cisco router 2911 build site to site VPN to fortigate 500D . It's not work and I enable debug on fortigate , I found the error "remote address 218.207.163.181 does not match configuration address 112.5.54.2, drop" . there is nothing VIP config about 218.207.163.181 . IP 112.5.54.2 is router's public IP.
BR
Kenneth
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1673 | |
1083 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.