VPN L2TP on Fortigate 60F behind GPON modem

marcin85 · ‎05-06-2024

Hi, i have a problem with setting up L2TP Server (for native Windows Client). My Fortigate is behind GPON modem (FG is in DMZ to forward all trafic). I have configured L2Tp according to manual - the vpn is setting up but after 20s it's down. In logs i have:

In debug i have:

In WAN1 of Fortigate i have IP from the local subnet with the GPON modem (10.10.0.0), not the public IP from ISP.

The public IP is on GPON modem.

What can be the problem?

abarushka · ‎05-07-2024

Hello,

You may consider to collect IKE debug traces while the tunnel is going down by running the commands below:

diagnose debug application ike -1
diagnose debug enable

FortiGate

ebilcari · ‎05-07-2024

Since the public IP is on the modem did you configure the port forwarding to FGT (UDP: 500, 4500, 1701)?

In my experience if you want to use the built in VPN client in Windows, it's better to use IKEv2, is much more stable than the old L2TP. This article shows how to use certificates for authentication, but it can be configured also to use credentials.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

VPN L2TP on Fortigate 60F behind GPON modem

Nominate a Forum Post for Knowledge Article Creation