Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Created on ‎11-14-2004 04:54 AM

ipsec passthrough

How do i know whether ipsec passthrough option is enabled or disabled in my FGT ? My firmware is 2.80 Build 250 ( MR5 )
4244
0 Kudos
7 REPLIES 7
Not applicable

Created on ‎12-03-2004 05:33 AM

Hi Redhatsup, From an earlier post, you can check using the CLI: # get config [...] set firewall passthru ipsec disable set vpn ipsec unknown_spi disable [...] (see http://support.fortinet.com/forum/post.asp?do=reply&messageID=6514&smode=1&tmode=1&p=2&toStyle=m) - Steve
3178
0 Kudos
Not applicable
In response to

Created on ‎12-07-2004 02:32 AM

There is no command for : get config in Firmware 2.80 MR5 when i type get config i get the below error Fortigate-60 $ get config command parse error before ' config' Any other options ?
3178
0 Kudos
Not applicable

Created on ‎12-03-2004 05:37 AM

Rats... the link should be: http://support.fortinet.com/forum/m.asp?m=1355&p=2&tmode=1&smode=1&key=&language=
3178
0 Kudos
Not applicable

Created on ‎04-02-2005 12:18 AM

Does anyone have an answer to this question?
3178
0 Kudos
UkWizard
New Contributor

Created on ‎04-02-2005 05:39 AM

Syntax is different in 2.8, so this is incorrect. Also strangely this feature doesnt even exist anymore in the later revisions of firmware. I cannot remember which was the last revision that still had it in (its mentioned somewhere in this forum) think it was 2.8 MR6 ?? However, IPSec should pass through the unit anyway, if it doesnt work for you, its probably the NAT that is breaking it. You need a remote firewall (that you are connecting to) and a VPN client that BOTH support NAT-Traversal. What are you trying to get working ?
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
3178
0 Kudos
Not applicable

Created on ‎04-02-2005 05:58 PM

I would like to set up a VPN site-to-site between 2 fortigates but have 2 other fortigates in between. ie: SubA -> Forti1 -> SubB -> Forti2 -> Internet -> Forit3 -> SubC -> Forti4 -> SubD I can create a VPN between Forti2 & Forti3 no probs but would like to create a VPN between Forti1 & Forti4 so Forti2 & Forti3 have to passthru the IPSEC
3178
0 Kudos
UkWizard
New Contributor

Created on ‎04-03-2005 05:19 AM

As long as NAT Traversal is turned on for the VPN configurations of the firewalls at the ends of the tunnel, should work fine. If it doesnt, its probably a routing issue instead. Otherwise couldnt you just vpn between 2 and 3 instead ?
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
3178
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.