So I'm doing a lot more Fortigate work in a new job. Got to grips with most of the Forti foibles but this is a new one..
We've got a site with a Fortigate at the head office and Ciscos at the remote sites. They're in construction so the Ciscos get kicked, dropped, spiked etc but just keep going.
I was adding a new site after recently updating the Fortigate to MR 3 PL1 and it would not work. The VPN just would not come up. Identical Cisco config (bar IP addresses) and the HO Forti VPN config looked identical too. Until you get to the CLI...
Seems now there is a mode-cfg setting that defaults to enabled and the Cisco's don't like being told what to do. Turn that off in the CLI and the VPN came up. By the way the VPNs on the Cisco end are VTIs using routes as these seem to play better and you don't have to specify and match proxies.
Subscribe to:
Post Comments (Atom)
-
We still see this one occasionally. Had one case where we needed to get a policy on but couldn't reboot the firewall. So, tried a few ...
-
I gave Windows 10 another try tonight and after some pretty hefty updates I still have the same issues as before. Same hardware on Windows ... -
I couldn't find a simple guide for this so here it is... I have Ubuntu 12.04 with btrfs as my main FS. Once Windows was install Ubunt...
No comments:
Post a Comment