Fortinet: Troubleshoot 5 IPSec Site-to-Site VPN Scenarios - FortiGate
HTML-код
- Опубликовано: 8 июл 2024
- Quick introduction into FortiGate VPN troubleshooting tools along with 5 sample scenarios that you may run into when deploying.
0:00 Overview/Topology
0:42 Troubleshooting tools
2:35 Scenario1 - phase1 down
4:16 Scenario2 - phase1 (still) down
6:37 Scenario3 - phase2 down
8:58 Scenario4 - ping failure
11:10 Scenario5 - ping (still) failure
15:39 Wrap Up - Наука
Brilliant, this would really help FortiGate engineers to fix all the s2s related issues.Awesome.......
Interesting video, well done ! Thanks
It was really to the point. Thanks mate.
thanks for sharing
Amazing content! Thanks so much!
Excellent video!
Wow what great content!
great content 🤝
thanks mate, very usefull information for me
Thank you very much for the video !!
Amazing 🎉
great job, tks!
i love ti, thanks
Thanks (Y)
❤
tks, nice vide, if you allow me to make a question, if nat t is enable I should expect traffic in port 500 as well in phase1 ? or 4500 ? I am confuse
Yes, you should always expect traffic on port 500 regardless of NATT, NATT is specific to phase2
Here's the ports/protocols to expect depending on whether NATT is in use or not:
NATT NOT being used:
phase1 = UDP 500
phase2 = ESP (ie. IP protocol 50)
NATT being used:
phase1 = UDP 500
phase2 = UDP 4500
@@tothepointfortinet3823 tks a lot for the reply..you are a nice person :)
i already creat site to site.its successful to connect but the other side i cant ping thier ip (local ip's).
Sir my problem is that all Connections are up but no Incoming Data and Outgoing data were made.
Might want to check firewall policy config, ipsec selectors and routing config. If you still have trouble check out my video on sniffer. Then it might be good to call support