I am attempting to create a second VPN tunnel on our FortiGate. I have followed the wizard, but I cannot finish creating the tunnel: all I receive is a pop-up stating "invalid length of value -1".
This occurs when I use a template from the VPN wizard, or when I do a custom tunnel, filling out all the information.
I have also tried creating a tunnel using a different interface than the one the first tunnel is on, but I still get the same error.
This is on 7.0.14, but I have also tried on another FortiGate (7.4.3), and I receive the same error.
The error seems to indicate to me I have not filled something out, but I am positive I have selected every possible value. What am I doing wrong?
Provide more detail on what kind of VPN you're trying to create with the IPsec Wizard. It has 4 steps. Like step 1: site-to-site with FGT, step 2: IP address with PSK, step 3: local subnet/remote subnet (don't need to know the subnet but the mask might be the key). Then you got the error after step 4?
We probably need the info for the existing VPN config as well, in case it's conflicting with the new one. The easiest way is to go to the CLI and run "config vpn ipsec phase1-interface" then "show", and "config vpn ipsec phase2-interface" then "show". You can mask gateway/subnet info.
Toshi
Thank you for responding: going through to provide the information provided me with the solution.
I had to disable "Allow Endpoint Registration" in the VPN Wizard for it to work -- using Endpoint Registration would result in an error.
For creating a custom tunnel, when selecting the Authentication Type, Peer Options MUST BE "Accept Any Peer ID" when using IKE 2 -- selecting a local group consistently resulted in an error.
Hi Matthew3
1. Check the input values for the secondary VPN tunnel configuration to ensure they are within the specified length limits and properly formatted.
2. Verify that there are no special characters or spaces in the configuration that could be causing the error.
3. Double-check the settings for the secondary tunnel, including the tunnel name, IP addresses, and authentication details.
4. Ensure that the configuration complies with Fortinet's guidelines and requirements for VPN tunnels.
5. Test the secondary VPN tunnel in a controlled environment to identify any potential issues.
If the error persists, consider reviewing the configuration details thoroughly or reaching out to Fortinet support for further assistance.