I am configuring ipsec vpn on FortiGate 60F firewall and 200F firewall. In 60F, fortiguard option, it says, "firmware and general update is expired. Firmware version is v6.4.6 build 6083 (GA). Do I need to update the firmware, because IP sec phase1 is down. If not, what can be the reason for ipsec phase 1 for being down?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
In phase 1 proposal check if encryption-authentication pairs and Diffie-Hellman Groups match between the two FortiGates.
Run the below commands on the receiver while initiating the tunnel on the initiator FG.
diagnose debug console timestamp enable
diagnose debug application ike -1
diagnose debug enable
Hi @Israt24Fortinet,
Your "firmware and general update" license is expired but it shouldn't affect the IPsec tunnel. You can run ike debug to see why it is failing.
Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1702 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.