one site has a web facing wan ip address (site A) and the other site is behind a router (Site B)
I've used the wizard to create a site-to-site VPN between both sites.
Site A tunnel has a "dialup" template, Site B has a "Site to Site" template
After creating both tunnels, here are the errors in "VPN Events" log:
The logs on Site A shows " peer SA proposal not match local policy"
The logs on Site B shows success
Any help would be appreciated.
Go to Solution.
the templates may differ in SA in Phase2.
i never use the wizards cause they create groups for all and anything..
tipp from me.. dont use the wizards and create your own VPNs (custom)... you learn something then :)
View solution in original post
Yep, found it!
When I switched to Custom, I saw the option of Auto-Negotiate in the Advanced options of Phase 2 Selectors.
Enabled it brought the VPN up
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.