The Palo Alto is a VM-300 deployed in AWS running software version
8.1.23. It is behind a NAT, but is configured to present the AWS Elastic
IP (public IP) as the identifier. The Fortigate is a 600D running 6.0.4,
deployed on-prem. Attempting IKEv2, I...
I doubt it's connectivity. Ping works fine between the public IPs, and
if I deliberately mismatch encryption settings, the Palo Alto reports
error messages like this: IKE phase-1 negotiation is failed. no suitable
proposal found in peer's SA payload....
Yeah, I've been getting the same behavior here (12.6 Monterey,
FortiClient VPN 7.0.7.0245) TBH the solution from Fortigate is
ridiculously complicated and not suitable to roll out to end users. The
easy solution that worked for me was just setup Lets...
