We' ve been trying to setup a site to site VPN tunnel to one of our
vendors using a preshared key. The encryption is AES256 and the
Authentication is supposed to be SHA (not SHA-1). SHA is not an
Authentication option within the Fortigate units but S...
Abel' s suggestion works very well. You can also use the packet sniffer
from the CLI to see realtime connection attempts. Something like:
diagnose sniffer packet wan1 ' host xxx.xxx.xxx.xxx' where wan1 is your
external port and xxx.xxx.xxx.xxx is you...
You shouldn' t need any other solution. The Fortigate can handle
everything you need. It sounds like a configuration issue. If the public
ip address your exchange server uses does not have reverse dns properly
setup, spam filters could be blocking yo...
Thank you all for the feedback. We are trying to force the peer to allow
SHA-1, but they are a multi-billion dollar company that has adopted ISO
standards and for them to make a change for a single client would
require quite a bit of work on their en...
