SOLVED: Strongswan 2 FG60B
FG60B
4MR3 patch18
Behind NAT and dynamic public IP
Strongswan
5.1.2
Public IP + loopback 10.177.177.2
I am not able to get the tunnel up and running and I don't understand why.
Config of the Fortigate:
Phase 1:
config vpn ipsec phase1-interface
    edit "DialUp_strongswan"
        set interface "wan1"
        set dhgrp 2
        set proposal aes256-sha1
        set localid "publicfqdn.mydomain.com"
        set remote-gw <public-ip-strongswan>
        set psksecret ****
    next
end
Phase 2:
config vpn ipsec phase2-interface
    edit "VPN_StrongSwan"
        set dst-addr-type ip
        set keepalive enable
        set phase1name "DialUp_strongswan"
        set proposal 3des-sha1 3des-md5
        set dhgrp 2
        set dst-start-ip 10.177.177.2
        set src-subnet 192.168.160.0 255.255.252.0
    next
end
Strongswan: Ipsec.conf
config setup
    charondebug="dmn 1, mgr 1, ike 2, chd 1, job 1, cfg 3, knl 2, net 2,enc 1, lib 1"

# Sample VPN connections
conn Fortigate
    auto=start
    left=<public-ip-strongswan>
    leftsubnet=10.177.177.2/255.255.255.255
    right=%any
    rightsubnet=192.168.160.0/22
    compress=no
    #pfs=yes
    esp=3des-modp1024
    #auth=esp
    authby=secret
    keyingtries=%forever
ipsec.secret
<public-ip-strongswan> %any : PSK "****"
10 REPLIES 10
Palamar,
Create a new thread and list the issues you are experiencing and a list of the way things are configured and we can see what is up. This original thread is really old and the issue was resolved. Is your issue the same as theirs?
Mike Pruett
Fortinet GURU | Fortinet Training Videos