marcin85
New Contributor

VPN L2TP on Fortigate 60F behind GPON modem

Hi, I have a problem with setting up an L2TP server (for the native Windows client). My Fortigate is behind a GPON modem (the FG is in the DMZ to forward all traffic). I have configured L2TP according to the manual - the VPN is setting up but after 20s it's down. In the logs I have:

 

2024-05-06 23_35_58.png

In debug I have:

2024-05-06 23_37_32.png

 

On WAN1 of the Fortigate I have an IP from the local subnet with the GPON modem (10.10.0.0), not the public IP from the ISP.

The public IP is on GPON modem.

What can be the problem?

2 REPLIES
abarushka
Staff

Hello,

 

You may consider collecting IKE debug traces while the tunnel is going down by running the commands below:

 

diagnose debug application ike -1
diagnose debug enable

ebilcari
Staff

Since the public IP is on the modem, did you configure the port forwarding to the FGT (UDP: 500, 4500, 1701)?

In my experience, if you want to use the built-in VPN client in Windows, it's better to use IKEv2; it is much more stable than the old L2TP. This article shows how to use certificates for authentication, but it can also be configured to use credentials.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.