Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
galal2010
New Contributor

VPN Down

gateway
name: 'Egy-Saudi-VPN'
local-gateway: 41.178.109.139:0 (static)
remote-gateway: 176.44.67.135:0 (static)
dpd-link: off
mode: ike-v1
interface: 'wan1' (5) vrf:0
rx packets: 0 bytes: 0 errors: 0
tx packets: 0 bytes: 0 errors: 1

 

 

Site to site vpn tunnel is down

here is tunnel detail s for Fortigate

get vpn ipsec tunnel details

i see that fortigate doesnot do encapsulation on port 4500 (local-gateway: 41.178.109.139:0 (static))

 

two firewalls connected to ADSL router one is static IP and the other use DDNS

i think there is problem of port fowarding

any help

 

 

2 REPLIES 2
srajeswaran
Staff
Staff

Was this tunnel working earlier? Can you share the outputs suggested in below article.

 

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-IPsec-VPNs-tunnels/ta-p/195955

 

 

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
kvimaladevi
Staff
Staff

Hi galal2010,

 

I hope you have enabled Nat T on both the ends? 

Please get the below logs by bringing up the tunnel to check where exactly the issue is

# diagnose vpn ike log-filter dst-addr4 x.x.x.x --->replace x.x.x.x with the public IP of the remote site
# diagnose debug application ike -1
# diagnose debug enable

Regards,

Vimala

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors