Multiple ipsec P2 in monitor, 5.2?

simonorch · ‎11-19-2014

What's happened to being able to view multiple P2 connected to a single P1 in the ipsec monitor?

It was ok in 5.0 and before but has gone\changed in 5.2

Senior Consultant working with Fortinet products since 2009

Storyteller · ‎11-24-2014

Me too... I need it. What's happened?

Regards,

Graziano.

Carl_Wallmark · ‎11-24-2014

There is still some Source/destination left:

click on the "settings" Icon on the right side, there you have Proxy ID Source and Proxy ID Destination

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

Storyteller · ‎11-24-2014

And then...? I can see now source and destination subnet of a Phase2... and the other three Phase2 where is it???

Regards,

Graziano.

Carl_Wallmark · ‎11-24-2014

Looks like we only can see one phase2

Would be great if we could right-click on the tunnel and have a menu with "Show ProxyID" and get a popup with all subnets.

Until then, try this in CLI:

get vpn ipsec tunnel name <name of the Phase1>

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

simonorch · ‎11-26-2014

It's been confirmed by TAC as a bug ID 225851

Senior Consultant working with Fortinet products since 2009

Storyteller · ‎11-26-2014

I don't think there were doubts...

Regards,

Graziano.

Dipen · ‎11-26-2014

I think its not a bug its designed that way. Even the IPSEC VPN page goes not show P2s as a Tree in P1 rather you Click-Open the P1 and there you see all P2s.

Regards

Ahead of the Threat. FCNSA v5 / FCNSP v5

Fortigate 1000C / 1000D / 1500D

Multiple ipsec P2 in monitor, 5.2?

Nominate a Forum Post for Knowledge Article Creation