Music_IT
New Contributor

IPSec VPN not working since firmware v7.6.5 build3651 (Mature).

Hi all,
 
I have a FG80 with Automatic updates enabled.
 
Last Saturday it upgraded from version v7.6.2 build3462 to version v7.6.5 build3651 (Mature).
Almost everything works fine but our vpn clients (using IPSec VPN) can no longer connect.
Normally they connect and will get the question to provide the MFA token but that no longer comes.
After a few minutes they will get the error "Connection was terminated unexpectedly.".
 
In the logs I see:
IPsec phase 1 error with:
Action: negotiate
Status: negotiate_error
Reason: peer SA proposal not match local policy
and
Progress IPsec phase 1 with:
Action: negotiate
Status: failure
Result: ERROR
 
 
Clients are macOS devices running FortiClient VPN 7.4.3.1761.
 
I have already tested it with MFA disabled and that makes no difference.
And yes I have also rebooted the Fortigate.
 
Is anyone else experiencing this problem, and has somebody found a fix for it?
 
Rgds
Rob

 

LVHan
New Contributor II

Music_IT
New Contributor

Hi LVHan,

Thanks for the help.

I'm not a very experienced CLI user so I will need some time to try this.
But looking in the Tunnel Settings via the GUI, I don't see the line for Transport followed by the line "Use Fortinet encapsulation".

The rest is all there.



Music_IT

I have also noticed this:

[Screenshot attached: Schermafbeelding 2025-12-15 om 14.00.10.jpg]

LVHan
New Contributor II

https://docs.fortinet.com/document/fortigate/7.6.5/fortios-release-notes/517622/changes-in-cli

7.6.5 upgraded the default DH group. Perhaps look into your phase 1 and phase 2 IPsec settings and your FortiClient configuration; match them back and it should be working.



Toshi_Esumi

That screenshot shows not only a DH group change but also an IKEv1->IKEv2 conversion. If that's true, the client side needs to change to IKEv2 as well.

Toshi

LVHan
New Contributor II

By the way, regarding your mention of MFA: if any SAML is configured, please look into this document too.

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-SAML-Authentication-fails-after-firm...

ezhupa
Staff

Hello,

Can you run an ike debug while attempting to connect?
diagnose vpn ike log filter rem-addr4 <PUB_IP_of_client>
diagnose debug application ike -1
diagnose debug console timestamp enable
diagnose debug enable

Attempt to connect via FortiClient

Music_IT

TNS-FG_80F # diagnose vpn ike log filter rem-addr4 84.87.158.146

TNS-FG_80F # diagnose debug application ike -1
Debug messages will be on for 19 minutes.

TNS-FG_80F # diagnose debug console timestamp enable

TNS-FG_80F # diagnose debug enable

TNS-FG_80F # 2025-12-15 17:11:09.445459 ike V=root:0: comes 84.87.158.146:56257->95.97.64.186:4500,ifindex=5,vrf=0,len=612....
2025-12-15 17:11:09.445575 ike V=root:0: IKEv1 exchange=Aggressive id=5a66053eefc9c5c7/0000000000000000 len=608 vrf=0
2025-12-15 17:11:09.445752 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: responder: aggressive mode get 1st message...
2025-12-15 17:11:09.445809 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID RFC 3947 4A131C81070358455C5728F20E95452F
2025-12-15 17:11:09.445857 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID draft-ietf-ipsec-nat-t-ike-08 8F8D83826D246B6FC7A8A6A428C11DE8
2025-12-15 17:11:09.445905 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID draft-ietf-ipsec-nat-t-ike-07 439B59F8BA676C4C7737AE22EAB8F582
2025-12-15 17:11:09.445952 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID draft-ietf-ipsec-nat-t-ike-06 4D1E0E136DEAFA34C4F3EA9F02EC7285
2025-12-15 17:11:09.445999 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID draft-ietf-ipsec-nat-t-ike-05 80D0BB3DEF54565EE84645D4C85CE3EE
2025-12-15 17:11:09.446047 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID draft-ietf-ipsec-nat-t-ike-03 7D9419A65310CA6F2C179D9215529D56
2025-12-15 17:11:09.446093 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448
2025-12-15 17:11:09.446147 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F
2025-12-15 17:11:09.446194 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712
2025-12-15 17:11:09.446241 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100
2025-12-15 17:11:09.446287 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID DPD AFCAD71368A1F1C96B8696FC77570100
2025-12-15 17:11:09.446332 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
2025-12-15 17:11:09.446380 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
2025-12-15 17:11:09.446421 ike V=root:0::142: peer identifier IPV4_ADDR 192.168.10.121
2025-12-15 17:11:09.446490 ike V=root:0: IKEv1 Aggressive, comes 84.87.158.146:56257->95.97.64.186 5
2025-12-15 17:11:09.446540 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: incoming proposal:
2025-12-15 17:11:09.446586 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: proposal id = 0:
2025-12-15 17:11:09.446620 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: protocol id = ISAKMP:
2025-12-15 17:11:09.446654 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: trans_id = KEY_IKE.
2025-12-15 17:11:09.446688 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: encapsulation = IKE/none
2025-12-15 17:11:09.446722 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=128
2025-12-15 17:11:09.446768 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: type=OAKLEY_HASH_ALG, val=SHA.
2025-12-15 17:11:09.446800 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:09.446831 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:09.446861 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: ISAKMP SA lifetime=86400
2025-12-15 17:11:09.446891 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: proposal id = 0:
2025-12-15 17:11:09.446921 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: protocol id = ISAKMP:
2025-12-15 17:11:09.446950 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: trans_id = KEY_IKE.
2025-12-15 17:11:09.446979 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: encapsulation = IKE/none
2025-12-15 17:11:09.447008 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=256
2025-12-15 17:11:09.447039 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: type=OAKLEY_HASH_ALG, val=SHA2_256.
2025-12-15 17:11:09.447070 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:09.447100 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:09.447130 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: ISAKMP SA lifetime=86400
2025-12-15 17:11:09.447171 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: negotiation failure
2025-12-15 17:11:09.447240 ike V=root:Negotiate ISAKMP SA Error:
2025-12-15 17:11:09.447285 ike V=root:0:5a66053eefc9c5c7/0000000000000000:142: no SA proposal chosen
2025-12-15 17:11:11.911504 ike :shrank heap by 155648 bytes
2025-12-15 17:11:19.068483 ike V=root:0: comes 84.87.158.146:56257->95.97.64.186:4500,ifindex=5,vrf=0,len=612....
2025-12-15 17:11:19.068596 ike V=root:0: IKEv1 exchange=Aggressive id=5a66053eefc9c5c7/0000000000000000 len=608 vrf=0
2025-12-15 17:11:19.068786 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: responder: aggressive mode get 1st message...
2025-12-15 17:11:19.068843 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID RFC 3947 4A131C81070358455C5728F20E95452F
2025-12-15 17:11:19.068891 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID draft-ietf-ipsec-nat-t-ike-08 8F8D83826D246B6FC7A8A6A428C11DE8
2025-12-15 17:11:19.068938 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID draft-ietf-ipsec-nat-t-ike-07 439B59F8BA676C4C7737AE22EAB8F582
2025-12-15 17:11:19.068986 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID draft-ietf-ipsec-nat-t-ike-06 4D1E0E136DEAFA34C4F3EA9F02EC7285
2025-12-15 17:11:19.069032 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID draft-ietf-ipsec-nat-t-ike-05 80D0BB3DEF54565EE84645D4C85CE3EE
2025-12-15 17:11:19.069079 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID draft-ietf-ipsec-nat-t-ike-03 7D9419A65310CA6F2C179D9215529D56
2025-12-15 17:11:19.069126 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448
2025-12-15 17:11:19.069172 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F
2025-12-15 17:11:19.069218 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712
2025-12-15 17:11:19.069264 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100
2025-12-15 17:11:19.069310 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID DPD AFCAD71368A1F1C96B8696FC77570100
2025-12-15 17:11:19.069355 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
2025-12-15 17:11:19.069402 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
2025-12-15 17:11:19.069442 ike V=root:0::143: peer identifier IPV4_ADDR 192.168.10.121
2025-12-15 17:11:19.069510 ike V=root:0: IKEv1 Aggressive, comes 84.87.158.146:56257->95.97.64.186 5
2025-12-15 17:11:19.069559 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: incoming proposal:
2025-12-15 17:11:19.069605 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: proposal id = 0:
2025-12-15 17:11:19.069639 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: protocol id = ISAKMP:
2025-12-15 17:11:19.069673 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: trans_id = KEY_IKE.
2025-12-15 17:11:19.069706 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: encapsulation = IKE/none
2025-12-15 17:11:19.069740 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=128
2025-12-15 17:11:19.069794 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: type=OAKLEY_HASH_ALG, val=SHA.
2025-12-15 17:11:19.069827 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:19.069858 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:19.069888 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: ISAKMP SA lifetime=86400
2025-12-15 17:11:19.069918 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: proposal id = 0:
2025-12-15 17:11:19.069947 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: protocol id = ISAKMP:
2025-12-15 17:11:19.069976 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: trans_id = KEY_IKE.
2025-12-15 17:11:19.070005 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: encapsulation = IKE/none
2025-12-15 17:11:19.070034 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=256
2025-12-15 17:11:19.070064 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: type=OAKLEY_HASH_ALG, val=SHA2_256.
2025-12-15 17:11:19.070094 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:19.070124 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:19.070154 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: ISAKMP SA lifetime=86400
2025-12-15 17:11:19.070193 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: negotiation failure
2025-12-15 17:11:19.070261 ike V=root:Negotiate ISAKMP SA Error:
2025-12-15 17:11:19.070306 ike V=root:0:5a66053eefc9c5c7/0000000000000000:143: no SA proposal chosen
2025-12-15 17:11:23.481480 ike :shrank heap by 4096 bytes
2025-12-15 17:11:29.038915 ike V=root:0: comes 84.87.158.146:56257->95.97.64.186:4500,ifindex=5,vrf=0,len=612....
2025-12-15 17:11:29.039033 ike V=root:0: IKEv1 exchange=Aggressive id=5a66053eefc9c5c7/0000000000000000 len=608 vrf=0
2025-12-15 17:11:29.039220 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: responder: aggressive mode get 1st message...
2025-12-15 17:11:29.039276 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID RFC 3947 4A131C81070358455C5728F20E95452F
2025-12-15 17:11:29.039324 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID draft-ietf-ipsec-nat-t-ike-08 8F8D83826D246B6FC7A8A6A428C11DE8
2025-12-15 17:11:29.039371 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID draft-ietf-ipsec-nat-t-ike-07 439B59F8BA676C4C7737AE22EAB8F582
2025-12-15 17:11:29.039419 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID draft-ietf-ipsec-nat-t-ike-06 4D1E0E136DEAFA34C4F3EA9F02EC7285
2025-12-15 17:11:29.039465 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID draft-ietf-ipsec-nat-t-ike-05 80D0BB3DEF54565EE84645D4C85CE3EE
2025-12-15 17:11:29.039511 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID draft-ietf-ipsec-nat-t-ike-03 7D9419A65310CA6F2C179D9215529D56
2025-12-15 17:11:29.039558 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448
2025-12-15 17:11:29.039605 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F
2025-12-15 17:11:29.039651 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712
2025-12-15 17:11:29.039698 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100
2025-12-15 17:11:29.039744 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID DPD AFCAD71368A1F1C96B8696FC77570100
2025-12-15 17:11:29.039790 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
2025-12-15 17:11:29.039837 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
2025-12-15 17:11:29.039877 ike V=root:0::144: peer identifier IPV4_ADDR 192.168.10.121
2025-12-15 17:11:29.039943 ike V=root:0: IKEv1 Aggressive, comes 84.87.158.146:56257->95.97.64.186 5
2025-12-15 17:11:29.039992 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: incoming proposal:
2025-12-15 17:11:29.040038 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: proposal id = 0:
2025-12-15 17:11:29.040072 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: protocol id = ISAKMP:
2025-12-15 17:11:29.040106 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: trans_id = KEY_IKE.
2025-12-15 17:11:29.040139 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: encapsulation = IKE/none
2025-12-15 17:11:29.040173 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=128
2025-12-15 17:11:29.040218 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: type=OAKLEY_HASH_ALG, val=SHA.
2025-12-15 17:11:29.040249 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:29.040280 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:29.040310 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: ISAKMP SA lifetime=86400
2025-12-15 17:11:29.040339 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: proposal id = 0:
2025-12-15 17:11:29.040369 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: protocol id = ISAKMP:
2025-12-15 17:11:29.040397 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: trans_id = KEY_IKE.
2025-12-15 17:11:29.040426 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: encapsulation = IKE/none
2025-12-15 17:11:29.040455 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=256
2025-12-15 17:11:29.040486 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: type=OAKLEY_HASH_ALG, val=SHA2_256.
2025-12-15 17:11:29.040516 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:29.040546 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:29.040575 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: ISAKMP SA lifetime=86400
2025-12-15 17:11:29.040615 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: negotiation failure
2025-12-15 17:11:29.040684 ike V=root:Negotiate ISAKMP SA Error:
2025-12-15 17:11:29.040729 ike V=root:0:5a66053eefc9c5c7/0000000000000000:144: no SA proposal chosen
2025-12-15 17:11:39.041310 ike V=root:0: comes 84.87.158.146:56257->95.97.64.186:4500,ifindex=5,vrf=0,len=612....
2025-12-15 17:11:39.041431 ike V=root:0: IKEv1 exchange=Aggressive id=5a66053eefc9c5c7/0000000000000000 len=608 vrf=0
2025-12-15 17:11:39.041625 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: responder: aggressive mode get 1st message...
2025-12-15 17:11:39.041679 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID RFC 3947 4A131C81070358455C5728F20E95452F
2025-12-15 17:11:39.041728 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID draft-ietf-ipsec-nat-t-ike-08 8F8D83826D246B6FC7A8A6A428C11DE8
2025-12-15 17:11:39.041775 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID draft-ietf-ipsec-nat-t-ike-07 439B59F8BA676C4C7737AE22EAB8F582
2025-12-15 17:11:39.041822 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID draft-ietf-ipsec-nat-t-ike-06 4D1E0E136DEAFA34C4F3EA9F02EC7285
2025-12-15 17:11:39.041868 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID draft-ietf-ipsec-nat-t-ike-05 80D0BB3DEF54565EE84645D4C85CE3EE
2025-12-15 17:11:39.041914 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID draft-ietf-ipsec-nat-t-ike-03 7D9419A65310CA6F2C179D9215529D56
2025-12-15 17:11:39.041961 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448
2025-12-15 17:11:39.042007 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F
2025-12-15 17:11:39.042054 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712
2025-12-15 17:11:39.042100 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100
2025-12-15 17:11:39.042145 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID DPD AFCAD71368A1F1C96B8696FC77570100
2025-12-15 17:11:39.042191 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
2025-12-15 17:11:39.042238 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
2025-12-15 17:11:39.042278 ike V=root:0::145: peer identifier IPV4_ADDR 192.168.10.121
2025-12-15 17:11:39.042344 ike V=root:0: IKEv1 Aggressive, comes 84.87.158.146:56257->95.97.64.186 5
2025-12-15 17:11:39.042394 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: incoming proposal:
2025-12-15 17:11:39.042440 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: proposal id = 0:
2025-12-15 17:11:39.042474 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: protocol id = ISAKMP:
2025-12-15 17:11:39.042507 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: trans_id = KEY_IKE.
2025-12-15 17:11:39.042541 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: encapsulation = IKE/none
2025-12-15 17:11:39.042575 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=128
2025-12-15 17:11:39.042627 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: type=OAKLEY_HASH_ALG, val=SHA.
2025-12-15 17:11:39.042659 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:39.042690 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:39.042720 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: ISAKMP SA lifetime=86400
2025-12-15 17:11:39.042750 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: proposal id = 0:
2025-12-15 17:11:39.042779 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: protocol id = ISAKMP:
2025-12-15 17:11:39.042808 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: trans_id = KEY_IKE.
2025-12-15 17:11:39.042836 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: encapsulation = IKE/none
2025-12-15 17:11:39.042866 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=256
2025-12-15 17:11:39.042896 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: type=OAKLEY_HASH_ALG, val=SHA2_256.
2025-12-15 17:11:39.042926 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:39.042956 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:39.042986 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: ISAKMP SA lifetime=86400
2025-12-15 17:11:39.043025 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: negotiation failure
2025-12-15 17:11:39.043094 ike V=root:Negotiate ISAKMP SA Error:
2025-12-15 17:11:39.043138 ike V=root:0:5a66053eefc9c5c7/0000000000000000:145: no SA proposal chosen
2025-12-15 17:11:49.036391 ike V=root:0: comes 84.87.158.146:56257->95.97.64.186:4500,ifindex=5,vrf=0,len=612....
2025-12-15 17:11:49.036533 ike V=root:0: IKEv1 exchange=Aggressive id=5a66053eefc9c5c7/0000000000000000 len=608 vrf=0
2025-12-15 17:11:49.036723 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: responder: aggressive mode get 1st message...
2025-12-15 17:11:49.036779 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID RFC 3947 4A131C81070358455C5728F20E95452F
2025-12-15 17:11:49.036827 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID draft-ietf-ipsec-nat-t-ike-08 8F8D83826D246B6FC7A8A6A428C11DE8
2025-12-15 17:11:49.036875 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID draft-ietf-ipsec-nat-t-ike-07 439B59F8BA676C4C7737AE22EAB8F582
2025-12-15 17:11:49.036923 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID draft-ietf-ipsec-nat-t-ike-06 4D1E0E136DEAFA34C4F3EA9F02EC7285
2025-12-15 17:11:49.036970 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID draft-ietf-ipsec-nat-t-ike-05 80D0BB3DEF54565EE84645D4C85CE3EE
2025-12-15 17:11:49.037017 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID draft-ietf-ipsec-nat-t-ike-03 7D9419A65310CA6F2C179D9215529D56
2025-12-15 17:11:49.037063 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448
2025-12-15 17:11:49.037110 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F
2025-12-15 17:11:49.037156 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712
2025-12-15 17:11:49.037203 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100
2025-12-15 17:11:49.037248 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID DPD AFCAD71368A1F1C96B8696FC77570100
2025-12-15 17:11:49.037294 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
2025-12-15 17:11:49.037342 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
2025-12-15 17:11:49.037383 ike V=root:0::146: peer identifier IPV4_ADDR 192.168.10.121
2025-12-15 17:11:49.037457 ike V=root:0: IKEv1 Aggressive, comes 84.87.158.146:56257->95.97.64.186 5
2025-12-15 17:11:49.037507 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: incoming proposal:
2025-12-15 17:11:49.037698 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: proposal id = 0:
2025-12-15 17:11:49.037737 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: protocol id = ISAKMP:
2025-12-15 17:11:49.037773 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: trans_id = KEY_IKE.
2025-12-15 17:11:49.037807 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: encapsulation = IKE/none
2025-12-15 17:11:49.037841 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=128
2025-12-15 17:11:49.037889 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: type=OAKLEY_HASH_ALG, val=SHA.
2025-12-15 17:11:49.037924 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:49.037957 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:49.037988 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: ISAKMP SA lifetime=86400
2025-12-15 17:11:49.038018 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: proposal id = 0:
2025-12-15 17:11:49.038047 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: protocol id = ISAKMP:
2025-12-15 17:11:49.038076 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: trans_id = KEY_IKE.
2025-12-15 17:11:49.038105 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: encapsulation = IKE/none
2025-12-15 17:11:49.038135 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=256
2025-12-15 17:11:49.038166 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: type=OAKLEY_HASH_ALG, val=SHA2_256.
2025-12-15 17:11:49.038197 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.
2025-12-15 17:11:49.038227 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: type=OAKLEY_GROUP, val=MODP1536.
2025-12-15 17:11:49.038256 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: ISAKMP SA lifetime=86400
2025-12-15 17:11:49.038297 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: negotiation failure
2025-12-15 17:11:49.038369 ike V=root:Negotiate ISAKMP SA Error:
2025-12-15 17:11:49.038416 ike V=root:0:5a66053eefc9c5c7/0000000000000000:146: no SA proposal chosen

TNS-FG_80F #

HarryTran

Hi @Music_IT

Based on the given log, MODP1536 should imply DH 5 (refer here), which is not supported in 7.6.5 (refer here), so you should try to change from DH 5 to DH 14 on both the FW and client side:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-Dialup-IPsec-remote-acces...


Regards,

Harry
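
The reading of the IKE debug output used in the reply above, as an added example that is not part of the original thread: it parses the phase 1 transforms a client offers and reports which fields fail in every offer. The sample log is constructed in the shape of the pasted output, and `LOCAL_POLICY`, `parse_attempts` and `evaluate` are hypothetical names with assumed policy values, not FortiOS defaults.

```python
import re

# MODP names as printed in the IKE debug output -> DH group number
# (RFC 2409 and RFC 3526).
MODP_TO_DH = {"MODP768": 1, "MODP1024": 2, "MODP1536": 5, "MODP2048": 14,
              "MODP3072": 15, "MODP4096": 16, "MODP6144": 17, "MODP8192": 18}

EXCHANGE_RE = re.compile(r"ike V=\w+:\d+: IKEv(\d) exchange=(\w+) ")
CONN_RE = re.compile(r"ike V=\w+:\d+:[0-9a-f]{16}/[0-9a-f]{16}:(\d+): (.*)$")
ATTR_RE = re.compile(r"type=(\w+), val=(\w+)\.?(?:, key-len=(\d+))?")

# Constructed sample, shaped like `diagnose debug application ike -1` output.
PREFIX = "2025-01-01 10:00:00.000000 ike V=root:0:"
CONN = PREFIX + "1111111111111111/0000000000000000:7: "
SAMPLE_LOG = "\n".join(
    [PREFIX + " IKEv1 exchange=Aggressive id=1111111111111111/0000000000000000 len=608 vrf=0",
     CONN + "incoming proposal:"]
    + [CONN + s for s in (
        "proposal id = 0:",
        "type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=128",
        "type=OAKLEY_HASH_ALG, val=SHA.",
        "type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.",
        "type=OAKLEY_GROUP, val=MODP1536.",
        "proposal id = 0:",
        "type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key-len=256",
        "type=OAKLEY_HASH_ALG, val=SHA2_256.",
        "type=AUTH_METHOD, val=PRESHARED_KEY_XAUTH_I.",
        "type=OAKLEY_GROUP, val=MODP1536.",
        "negotiation failure",
        "no SA proposal chosen")])

# Assumed gateway policy for illustration only (not read from any device).
LOCAL_POLICY = {"ike_version": 1, "enc": {("AES_CBC", 256)},
                "hash": {"SHA2_256"}, "dh": {14}}

def parse_attempts(log_text):
    """Group offered transforms by connection serial (the number after the cookies)."""
    attempts, pending = {}, {}
    for line in log_text.splitlines():
        m = EXCHANGE_RE.search(line)
        if m:  # header line precedes the per-connection lines of an attempt
            pending = {"ike_version": int(m.group(1)), "mode": m.group(2)}
            continue
        m = CONN_RE.search(line)
        if not m:
            continue
        serial, msg = int(m.group(1)), m.group(2).strip()
        att = attempts.setdefault(
            serial, {"proposals": [], "result": None, **pending})
        attr = ATTR_RE.match(msg)
        if msg.startswith("proposal id"):
            att["proposals"].append({})
        elif attr and att["proposals"]:
            kind, val, keylen = attr.groups()
            cur = att["proposals"][-1]
            if kind == "OAKLEY_ENCRYPT_ALG":
                cur["enc"] = (val, int(keylen) if keylen else None)
            elif kind == "OAKLEY_HASH_ALG":
                cur["hash"] = val
            elif kind == "OAKLEY_GROUP":
                cur["dh"] = MODP_TO_DH.get(val, val)  # keep unknown names as-is
        elif msg == "no SA proposal chosen":
            att["result"] = msg
    return attempts

def evaluate(attempt, policy):
    """Report whether any offer fits the policy and which fields fail in every offer."""
    per_offer = [{f for f in ("enc", "hash", "dh") if offer.get(f) not in policy[f]}
                 for offer in attempt["proposals"]]
    always = set.intersection(*per_offer) if per_offer else set()
    version_ok = attempt.get("ike_version") == policy["ike_version"]
    if not version_ok:
        always.add("ike_version")
    accepted = version_ok and any(not failing for failing in per_offer)
    return {"accepted": accepted, "always_failing": always}

if __name__ == "__main__":
    for serial, attempt in parse_attempts(SAMPLE_LOG).items():
        print(serial, attempt["mode"], evaluate(attempt, LOCAL_POLICY))
```

A field listed in `always_failing` is one that no offered transform satisfies, so it has to change on the client or the gateway before phase 1 can complete.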
