Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ziga_mlinaric
New Contributor

Created on ‎04-20-2015 06:30 AM

VPN Tunnel Between FortiGate 60C and Cisco 881 Router

Hi Guys,

 

I desparetly need your help, I'm trying to create a VPN Connection between the Fortigate 60C and Cisco 881 Router. I have tried everything and there is still no positive result. [>:]

 

Phase 1 negotiation is successfull but there is no Phase 2 Start. I have tried both Links under

 

http://blog.webernetz.net/2015/02/05/ipsec-site-to-site-vpn-fortigate-cisco-asa/

 

http://blog.webernetz.net/2015/02/02/ipsec-site-to-site-vpn-fortigate-cisco-router/

 

And non of them really gets me going forward. Do you have Experience with such devices? I have managed the FortiGate until now without any Problems, have created a VPN but from Forti to Forti. But now we need a VPN for a Customer and this is quite Challaging now...

 

Thanks for your Help in advance.

 

Best Regards,

 

Ziga

9789
0 Kudos
1 Solution
sheinze
New Contributor II

Created on ‎04-21-2015 12:32 AM

Sorry, i can't see the image.

 

View solution in original post

5274
0 Kudos
8 REPLIES 8
sheinze
New Contributor II

Created on ‎04-20-2015 06:43 AM

ziga.mlinaric wrote:

Hi Guys,

 

I desparetly need your help, I'm trying to create a VPN Connection between the Fortigate 60C and Cisco 881 Router. I have tried everything and there is still no positive result. [>:]

 

Phase 1 negotiation is successfull but there is no Phase 2 Start. I have tried both Links under

 

http://blog.webernetz.net/2015/02/05/ipsec-site-to-site-vpn-fortigate-cisco-asa/

 

http://blog.webernetz.net/2015/02/02/ipsec-site-to-site-vpn-fortigate-cisco-router/

 

And non of them really gets me going forward. Do you have Experience with such devices? I have managed the FortiGate until now without any Problems, have created a VPN but from Forti to Forti. But now we need a VPN for a Customer and this is quite Challaging now...

 

Thanks for your Help in advance.

 

Best Regards,

 

Ziga

 

At seconds link there is no policy configured. insert "vpn to lan", and "lan to vpn".

5220
0 Kudos
GusTech
Contributor II

Created on ‎04-20-2015 06:47 AM

ziga.mlinaric wrote:

Hi Guys,

 

I desparetly need your help, I'm trying to create a VPN Connection between the Fortigate 60C and Cisco 881 Router. I have tried everything and there is still no positive result. [>:]

 

Phase 1 negotiation is successfull but there is no Phase 2 Start. I have tried both Links under

 

http://blog.webernetz.net/2015/02/05/ipsec-site-to-site-vpn-fortigate-cisco-asa/

 

http://blog.webernetz.net/2015/02/02/ipsec-site-to-site-vpn-fortigate-cisco-router/

 

And non of them really gets me going forward. Do you have Experience with such devices? I have managed the FortiGate until now without any Problems, have created a VPN but from Forti to Forti. But now we need a VPN for a Customer and this is quite Challaging now...

 

Thanks for your Help in advance.

 

Best Regards,

 

Ziga

Hello, and welcome to the forum.

 

Im running several FGT <-> Cisco tunnels, what build are the FGT running?

 

 

Fortigate <3

Fortigate <3
5221
0 Kudos
ziga_mlinaric
New Contributor

Created on ‎04-21-2015 12:25 AM

Hi,

 

FGT is running following Config:

 Phase 1 in Image

 

 

The connection doesn't even come to the Phase 2...

 

Are there any special setting that hase to be made on Cisco?

Thanks for your help in advance.

 

Best Regards,

 

Ziga

 

 

Phase 1.jpg
Preview file
55 KB
5221
0 Kudos
ziga_mlinaric
New Contributor
In response to ziga_mlinaric

Created on ‎04-21-2015 12:32 AM

Phase 2

Phase 2.jpg
Preview file
47 KB
5221
0 Kudos
ziga_mlinaric
New Contributor
In response to ziga_mlinaric

Created on ‎04-21-2015 12:33 AM

I hope you can see the Images now. Because I can add only one. :\

5221
0 Kudos
sheinze
New Contributor II
In response to ziga_mlinaric

Created on ‎04-21-2015 12:38 AM

ziga.mlinaric wrote:

I hope you can see the Images now. Because I can add only one. :\

can you login trough ssh and show it via CLI

 

show vpn ipsec phase1-interface <name>

show vpn ipsec phase2-interface <name>

 

and related snip from

show router static

show firewall policy

 

5221
0 Kudos
sheinze
New Contributor II

Created on ‎04-21-2015 12:32 AM

Sorry, i can't see the image.

 

5275
0 Kudos
ziga_mlinaric
New Contributor

Created on ‎04-21-2015 02:23 AM

I have already solved the problem. It was on the Cisco site that was blocking it.

 

Tnx for your help. Anyway...

5221
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.