Hi, There is a mention in documentation since v. 6.4:"Two new tables are
added to the FortiOS Enterprise MIB: FgSwDeviceEntry: Details about
connected FortiSwitch devices.FgSwPortEntry: Switch port related
information." What MIB is in question and wh...
Hi,We have site-to-site VPN tunnel to remote office with Fortigate VM64
on remote end, everything was worked ok. I need to add additional
network (mobile VPN), from which remote office must be accessed also. I
did changes (added network and policies)...
Hello.I tried to debug non-working VPN tunnel and suspect there is PSK
mismatch.Fortigate doc says: "It is possible to identify a PSK mismatch
using the following combination of CLI commands:diag debug app ike
filter name "phase1-name"...I got an err...
Well, I'm still stuck with this problem. I asked other side to change
proposals to AES256/SHA1, now got slightly another error:ike
0:73e4a87e733dbe4e/0000000000000000:127279: responder received SA_INIT
msg ike 0:73e4a87e733dbe4e/0000000000000000:1272...
ede_pfau wrote:The incoming proposal is AES128/SHA256 with PFS group
5.Usually (best practice) you would only configure one proposal on each
side. Check NATT and DPD as well. Hello,How did you understand, that
this is AES128? I see no any "128" there...
I checked and it seems Phase1 proposals are the same. If I change PSK on
my side to something gibberish, there is still the same error "no SA
proposal chosen". So, is it meaning, that proposals are wrong ?
Hello. Here is output I got, where it must be that PSK mismatch
?responder: main mode get 1st message... ike
0:ad2b8a0d6ffa1154/0000000000000000:101588: VID RFC 3947
4A131C81070358455C5728F20E95452F ike
0:ad2b8a0d6ffa1154/0000000000000000:101588: VID...
