Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

additional details for fortinet VPN site-to-site configuration #198

Open
Alejandrodelgado opened this issue Jan 25, 2024 · 0 comments
Open

additional details for fortinet VPN site-to-site configuration #198

Alejandrodelgado opened this issue Jan 25, 2024 · 0 comments
Assignees
@jbmitch

Comments

@Alejandrodelgado
Copy link

Alejandrodelgado commented Jan 25, 2024
edited
Loading

as documented in cs3689825
and documented here
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-FortiGate-sends-local-id-in-FQDN-type-when/ta-p/224888
and here
https://docs.strongswan.org/docs/5.9/support/faq.html

In case of different internal and external IP in Fortinet this is the solution to avoid "no matching peer config found" error
Dont leave localid-type in auto, in case localid can not be set after change localid-type set to address , open a ticket in Fortinet.

config vpn ipsec phase1-interface

 edit 1
   set localid-type address
   set localid <external-ip>

end
@Alejandrodelgado Alejandrodelgado changed the title additional details for forti configuration additional details for fortinet VPN site-to-site configuration Jan 25, 2024
@sheltons sheltons assigned jbmitch and unassigned sheltons Feb 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jbmitch jbmitch

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Alejandrodelgado @sheltons @jbmitch