Device : Fortigate 40F
Firmware :v7.0.12 build0523 (Mature)
I am following this article to configure site to site VPN :
I am not sure how to setup parameters for phase 1 and phase 2 tunnel and how do I configure Phase 2 tunnel since I cant find any options in firewall console.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
As I understand you're trying to configure IPSEC site to site VPN between FortiGate and Microsoft Azure for that please refer to the below document:
https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/255100/ipsec-vpn-to-azure-wi...
If the VPN is not coming up, please share me the output of below commands:
# diagnose vpn tunnel list < tunnel name >
# diagnose vpn ike gateway list < tunnel name >
# diagnose vpn ike status < tunnel name >
# diagnose vpn ike config list < tunnel name >
# diagnose vpn ike status detailed < tunnel name >
# diag vpn ike log-filter dst-addr4 <IP>
# diag debug console timestamp enable
# diag de app ike -1
# diag de en
Let the debugs run for 2-3 minutes and then stop debugging by;
# diagnose debug disable
# diagnose debug reset
Best Regards,
Abhimanyu
Set the Encryption and Authentication combinations:
Hi @Need2Know
In place of the manual try to configure the tunnel using the IPSECVPN wizard to avoid the chance of missing any configuration of phase 1 and phase 2.
Regards
Priyanka
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
@pgautam Please note that this is production site. let me know if this will not effect exiting state of the firewall
Hi @Need2Know
Creating a new site to the tunnel will not impact other internet traffic, however for the best practice it's recommended you make changes in the off-production time for the new configuration testing.
Regards
Priyanka
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
IP addresses on Azure
Just wanted to confirm if I need to use default subnet or gateway subnet for S2SVPN_remote_subnet_1 on Fortinet firewall.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.