- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VPN Phase 1 issue
Hello,
We are trying to replace a 60B with a 60D. It appears that I am having a VPN issue. I have several VPN's and 6 of 8 are working. The most important VPN is not working. When I test the VPN it fails and the error in the fortigate log is PHase 1. I then did some reading on the CLI to execute debug and read that log and I expected to see a pre-shared key mismatch but I did not get one. Enclosed is the CLI log. It talks about a PAYLOAD-MALFORMED message. I could use some help.
Thanks,
Joe
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
bump
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
From the debug:
ike 0:WAN2-UHCCAREA-Tunnel: created connection: 0x2492600 6 440.87.22.144->330.9.144.10:500.
Did you hide the first octet, or is the output as received?
440.x.x.x and 330.x.x.x are not valid IPs.
Regards, Chris McMullan Fortinet Ottawa
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I did change the IP addresses in the attachment. I called support and he took the config file from the 60b and copied and pasted the pre-shared key into the 60d and the tunnel came up. I then contacted the client again and the PSK we had on record was not the same that they had. So the lesson is verify your PSK.
Thank You,
Joe