Hello, I have a Fortigate 30D (fw v6.0.5) and 60C (fw v5.2.13), FGT-30D have static ip, FGT-60 have dynamic IP (working DDNS with fortiddns.com), both working fine with internet and virtual ips, I create a VPN site-to-site with the wizard, but no connect, the log say nothing, only failure in phase 2, how can I check what is wrong? both devices have automatically created policies and static routes.

The fortigate 60C, have a vpn working fine with forticlient.

 

Fortigate 30D Error:

General

Date2019/07/11Time12:19:44Virtual DomainrootLog DescriptionProgress IPsec phase 2

Source

Local IP181.57.58.10UserN/AGroupN/AXAUTH UserN/AXAUTH GroupN/A

Action

ActionnegotiateStatusfailureResultERROR

Security

Level 

Event

Assigned IPN/ACookiesbc71ccd63c9f5687/066f9620a74261f7DirectioninboundLocal Port500Outgoing InterfacewanRemote IP190.156.137.256Remote Port500RoleresponderStage1VPN Tunnel30d-to-60cModequickMessageprogress IPsec phase 2

Other

Initiatorremote_remip_hostnamefortigate60c.fortiddns.comLog event original timestamp1562865584_locip_hostnamefortigate30d.fortiddns.comLog ID37130Sub Typevpn

 

Fortigate 60C Error: 

#20ActionnegotiateAssigned IPN/ACookiesdbcd7686da61586e/1b80782dda1981aeDate/Time12:39:09DirectioninboundGroupN/AIPsec Local IP190.156.137.256IPsec Remote IP181.57.58.10InitiatorremoteLevel Local Port500Log DescriptionProgress IPsec phase 2Log ID37130Messageprogress IPsec phase 2ModequickOutgoing Interfacewan1Remote Port500ResultERRORRoleresponderStage1StatusfailureSub TypevpnTimestamp7/11/2019, 12:39:09 PMUser N/AVPN Tunnel60c-to-30dVirtual DomainrootXAUTH GroupN/AXAUTH UserN/A