config vpn ipsec phase1-interface edit " DialUp_strongswan" set interface " wan1" set dhgrp 2 set proposal aes256-sha1 set localid " publicfqdn.mydomain.com" set remote-gw <public-ip-strongswan> set psksecret **** next endPhase2
config vpn ipsec phase2-interface edit " VPN_StrongSwan" set dst-addr-type ip set keepalive enable set phase1name " DialUp_strongswan" set proposal 3des-sha1 3des-md5 set dhgrp 2 set dst-start-ip 10.177.177.2 set src-subnet 192.168.160.0 255.255.252.0 next endStongswan: Ipsec.conf
config setup charondebug=" dmn 1, mgr 1, ike 2, chd 1, job 1, cfg 3, knl 2, net 2,enc 1, lib 1" # Sample VPN connections conn Fortigate auto=start left=<public-ip-strongswan> leftsubnet=10.177.177.2/255.255.255.255 right=%any rightsubnet=192.168.160.0/22 compress=no #pfs=yes esp=3des-modp1024 #auth=esp authby=secret keyingtries=%foreveripsec.secret
<public-ip-strongswan> %any : PSK " ****"
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Palamar,
Create a new thread and list the issues you are experiencing and a list of the way things are configured and we can see what is up. This original thread is really old and the issue was resolved. Is your issue the same as theirs?
Mike Pruett
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.