Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mhrth
New Contributor III

IPSec Tunnel Down if Adding Another Network Segment

Hi, 

 

I am in the middle of configuring IPSec Tunnel from my FortiGate firewall to Sophos firewall. There is no issue when I add one VLAN as both Phase 1 and 2 are up. However, Phase 2 is down when I add another 2 VLANs. The settings in both firewall are similar as we refer to this documentation: https://www.sophos.com/ja-jp/medialibrary/PDFs/documentation/SophosFirewall/Pocket-Guides/Establish-...

 

Thank you in advance :)

3 REPLIES 3
akristof
Staff
Staff

Hello,

You mean when you are adding another Vlan subnet as a separate phase2, all phase2s are down and not negotiating?

Adrian
mhrth
New Contributor III

Hello,

 

Correct. When adding another VLAN subnet as separate phase2, all phase 2 down.

 

Matin

akristof

Hello,

In that case, run ike debug:

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-IPSEC-Tunnel-debugging-IKE/ta-p/1900...

When it will be running, via GUI make all phase2s up and see what is the problem. You can put the result into file and attach it. Just tell me which tunnel are we talking about if the output will have more of them.

Adrian
Labels
Top Kudoed Authors