#VPN Site-To-Site. Issue When Create Multiple Tunnels

Donglv_ · ‎03-16-2023

I have 3 Site A B C using FortiGate-VM (7.0 & 7.2). Three Site using 3 Ip Public for VPN gateway.

IPsec Tunnel between A <-> B is Up and running.

And I create another Tunnel A <-> C, But the Wizard show "Unable to setup VPN. The rollback process has encountered an error. Orphaned objects may still exist in the configuration database".

Donglv_ · ‎03-17-2023

Thanks. I found the problem. Bescause The Firewall policies have reach the maximum entries then the VPN tunnel cannot create more VPN policies.

View solution in original post

funkylicious · ‎03-16-2023

Have you tried converting into a custom tunnel and setting it up that way ?

"jack of all trades, master of none"

Donglv_ · ‎03-16-2023

Yes I already setting in custom tunnel same as the first tunnel

Donglv_ · ‎03-17-2023

Thanks. I found the problem. Bescause The Firewall policies have reach the maximum entries then the VPN tunnel cannot create more VPN policies.

funkylicious · ‎03-17-2023

You can workaround that with enabling multiple interface policies from feature visibility to help with your lab.

"jack of all trades, master of none"

Shob · ‎04-06-2024

Pls adv more bcs am also facing this issue and I have created only one policy

#VPN Site-To-Site. Issue When Create Multiple Tunnels

Nominate a Forum Post for Knowledge Article Creation