I have a 30E device running firmware 6.0.4. I have the following phase1-interface S2S config:
edit "1176"
set interface "wan"
set ike-version 2
set keylife 28800
set authmethod signature
set proposal aes256-sha1
set dpd disable
set comments "VPN: 1176 (Created by VPN wizard)"
set dhgrp 5
set nattraversal disable
set remote-gw REMOTEIP
set certificate CERT
set peer "1176_peer"
next
According to debug logs on both the Fortinet and the other site (a Cisco ASA 5506), the Fortinet is still sending DPD messages every 10 seconds.
How do I fix this problem?
