I'm trying to set up two separate dial-up VPNs to a Fortigate, and am a little confused about how they are supposed to coexist. Maybe somebody could help me clear up the fuzziness in my mind?
The first VPN is a gateway-to-gateway VPN, the second will be an L2TP VPN to support road warriors. I have been able to set up both VPNs successfully one at a time, but not make them coexist on the same Fortigate.
The gateway-to-gateway VPN is a route-based VPN between two Fortigates, FG-A and FG-B. FG-A is in the central office with a static public IP. FG-B is in the remote office with a dynamic public IP. I am using the Fortigate factory certificates for authentication.
The road-warrior VPN will go to FG-A. Following the IPSec documentation, I set it up as a policy-based VPN.
When I try to connect to this VPN, Windows will display an error 789.
Before I go into troubleshooting mode, I would like to understand more about what's supposed to happen. When the dial-up client connects, how does the Fortigate determine which of the two VPNs to use?