Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
DrWitt
New Contributor

Created on ‎01-03-2015 04:39 AM

One wan interface two tunnels

Configuration ipsec

Wan1 - Internet   (vpntunnel1 , and vpntunnel2)

Interface 1 - lan1 10.0.0.0

Interface 2 - lan2 10.0.3.0

I can establish vpn with vpntunnel1 to lan1 but cannot establish vpntunnel2 to lan2

in event log vpn when I try establish vpntunnel2 I see there the fortigate is tryining go through vpntunnel1 instead vpntunnel2 (strange). (vpntunnel2 have diffrent adresses and has intrEface 2 which I set in objects)

event log: progress IPsec phase 1 success and delete IPsec phase 1 SA but why vpntunnel1 not 2.

I think i can set the fortigate to choose vpntunel2 and then everything will be ok ? But how ?

p.s SORRY for English

 

3868
0 Kudos
1 Solution
emnoc
Esteemed Contributor III

Created on ‎01-03-2015 08:21 AM

Okay you have 2 tunnels are these route-based or policy-base? Or can you share the  vpn configuration?

PCNSE 

NSE 

StrongSwan  

View solution in original post

PCNSE NSE StrongSwan
2150
0 Kudos
4 REPLIES 4
emnoc
Esteemed Contributor III

Created on ‎01-03-2015 08:21 AM

Okay you have 2 tunnels are these route-based or policy-base? Or can you share the  vpn configuration?

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
2151
0 Kudos
DrWitt
New Contributor

Created on ‎01-03-2015 08:43 AM

I have forti in interface mode. And I've created vpn with forti wizard (Firmware 5.2) and wizard created policy.

1. vpntunnel1 -->internal1 (vpn works)  

2. vpntunnel2--> internal2 (vpn not works)

 

2106
0 Kudos
emnoc
Esteemed Contributor III

Created on ‎01-03-2015 08:55 AM

Okay so this still not saying alot.

 

Whats not working? ( phase1, phase2, firewall policies )

What diagnostics did you conduct ?

Did you ensure routes are correct ?

Did you ensue fwpolicies are correct?

 

Can share the cfg ?

 

 

 

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
2106
0 Kudos
DrWitt
New Contributor

Created on ‎01-03-2015 01:13 PM

When i delete vpntunnel 1 (which work) then I can establish connection on vpntunnel2 (work ok)

When both vpntnnel 1 and vpntunnel2 are configured at fortigate i can only establish connection on vpntunnel1.

When both tunnel are set on fortigate - forticlient only connect to vpntunnel1 .

One user connect to vpntunnel1 - interface1 ok

Second user try to connect thru vpntunnel2 - interface2 - but forti direct him to vpntunnel1 :(

2106
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.