Good day everyone,
I am trying to understand how and what for to use peertype dialup settings in Phase1 interface mode for IPSec VPN client connections. The documentation just lists this option, Google tells contradicting stories. I tried just for luck using Firewall group with local users (setting via set usrgrp) - could not connect with any of them (Authentication failed), while using the same user group but peertype any works fine.
That is what I mean:
(phase1-interface) # edit FCtun0
(FCtun0) # set peertype any Accept any peer ID. one Accept this peer ID. dialup Accept peer ID in dialup group.
Thanks.
Have you found anything about this option in the official forti documentation? Or do you know the answer now?
peertype any will accept any peer id you submit upon dialling in. It will even accept an empty peer id.
one peerid will only accept this one specific peer id upon dialling in. You will only be able to dial in if you submit the correct peer id.
dialup probably allows you to enter some grup and put peers in there to have more then one bt not any :)
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
peertype any will accept any peer id you submit upon dialling in. It will even accept an empty peer id.
one peerid will only accept this one specific peer id upon dialling in. You will only be able to dial in if you submit the correct peer id.
dialup probably allows you to enter some grup and put peers in there to have more then one bt not any :)
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2678 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.