Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Ivanildo_Galvao
New Contributor

VPN Fortigate and Cisco RV042

Hello friends, I am not able to establish an IPSEC VPN between a FortiGate 60C and a RV042, I left the settings in Phase1 and Phase2 equal in both the FortiGate when the RV042. Can anyone here give me a hint? For 03 VPNS need to create, with the FortiGate the parent company and a RV042 in each subsidiary. Thank you!

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3
7 REPLIES 7
Fullmoon
Contributor III

Hi, I deployed this setup before long time ago and for me pretty works fine. There is no special config on these setup

Fortigate Newbie

Fortigate Newbie
Ivanildo_Galvao
New Contributor

Hello, you can post here the configuration that you put in the RV042 and the FortiGate? Thus I am safer. Thank you!

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3
rich99
New Contributor

Hi, Try these commands in the CLI to troubleshoot vpn issues. The output will probably show you where the problem is. # diag debug application ike -1 # diag debug enable
Fortinet Certified Network Security Associate (FCNSA) Fortinet Certified Network Security Professional FortiOS (FCNSP)
Fortinet Certified Network Security Associate (FCNSA) Fortinet Certified Network Security Professional FortiOS (FCNSP)
Ivanildo_Galvao
New Contributor

Friends, this is the configuration of RV042, see the image, I set the FortiGate the same way, with the same parameters, but the VPN does not rise, I will use the CLI debug commands to find out where the problem is, but who have a tip, practical experience of setting up this scenario. I thank you!

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3
SÃ_rgio_Paulo
New Contributor

Hello Mr. Ivanildo, Please, test those configuration on the Fortigate side and replace one to Cisco side. Generally we use this configuration with Dynamic DNS into Fortigate to make IPSEC VPN.
SÃ_rgio_Paulo
New Contributor

And into Phase 1, please look at the picture.
Ivanildo_Galvao
New Contributor

Hello friends, I solved the problem, were two things, one that was needed to put the interface in an aggressive way and had to decrease the distance on the route of the WAN1 link to 5, I kept my distance from the link on WAN2 as 10 in this specific case VPN has to leave the WAN1. The third VPNS are working fine! Thanks for the support everyone!

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors