About sidp

sidp · 08-23-2024

Hello,I am trying to establish a site-to-site IPsec VPN from a Cisco 1121 (IOS XE) to a Fortigate, but I keep getting a mismatch.To use a separate zone for the VPN tunnel in the zone-based firewall on the Cisco router, I am using route-based VPN. (Th...

sidp · 01-09-2023

Communication issues - ikev1 vpn Cisco IOS <-> Fortigate I configured a ikev1 tunnel between Cisco IOS and Fortigate.The tunnel comes up but communication only works after a client of the remote site (cisco) initiated some traffic.As you can see in t...

sidp · 06-02-2022

Hi guys, I have to realise the following situation and need some help. I would like to use the same Tunnel interface on the hubs for all spokes. When I check the "sh run int tun1" on both sites it shows up up but it also shows up up if I configu...

sidp · 07-29-2020

I have some routing problems with my Cisco ASA. IPsec VPN is up and running but my ASA sends all packets for the remote network back to the switch instead of into the ipsec vpn. IPsec session only shows Rx but zero Tx... Switch routing: S* 0.0.0....

sidp · 06-04-2020

I have a Cisco 867VAE with an IPsec to my Cisco ASA. Because the network (192.168.10.0/24) is already used on my site (ASA) I have to NAT the entire network to 172.19.66.0/24 for the communication through the ipsec. As soon as I add the static NAT 19...

sidp · 08-23-2024

Thanks to both of you. The crypto map was a copy & paste mistake from an older config. These two command in Tunnel0 did the trick. ip unnumbered GigabitEthernet0/0/0tunnel protection ipsec policy ipv4 CACL

sidp · 01-12-2023

Thanks for your help MHM. The documentation you shared is for older releases. I spoke to support about it, here is the summary. I was using group address objects in fortigates phase2-interface local and remote network which is supported according to ...

sidp · 01-11-2023

Yes the cisco config is policy-based and I also tried route-based. I think I found the problem, by try and error princip....On Fortigate in Phase 2 we are using a group object for source network (set src-name) and as soon as I replaced it with a sing...

sidp · 01-11-2023

Thanks for your time. I watched the video.The vpn interfaces in the policies are there because Fortigate is using route-based vpn by default. Currently I have a rule that allows any traffic on any interfaces until I'm able to solve this problem. I al...

sidp · 01-10-2023

testrouter#show crypto ipsec sa interface: GigabitEthernet1Crypto map tag: IPSECMAP, local addr 1.2.3.62 protected vrf: (none)local ident (addr/mask/prot/port): (10.183.2.0/255.255.255.0/0/0)remote ident (addr/mask/prot/port): (172.18.0.0/255.255.0.0...

Member Since	‎01-20-2016 02:40 AM
Date Last Visited	‎08-30-2024 06:05 AM
Posts	25
Total Helpful Votes Received	35

User Statistics

User Activity

Issues with route based VPN connection to Fortigate

Communication issues - ikev1 vpn Cisco IOS <-> Fortigate

GRE Tunnel DMVPN without NHRP

Wrong routing for VPN remote network

Cisco 867VAE NAT overload and static internet issues

Re: Issues with route based VPN connection to Fortigate

Re: Communication issues - ikev1 vpn Cisco IOS <-> Fortigate

Re: Communication issues - ikev1 vpn Cisco IOS <-> Fortigate

Re: Communication issues - ikev1 vpn Cisco IOS <-> Fortigate

Re: Communication issues - ikev1 vpn Cisco IOS <-> Fortigate