i have configured the Fortigate at the same way, as discribe here:
https://support.astaro.com/support/index.php/Astaro_to_Fortinet_IPsec_VPN_settings
but the connection will not esstablished. In the Log you find the following:
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1202
| next event EVENT_RETRANSMIT in 10 seconds for #1202
|
| *received 244 bytes from x.x.x.172:500 on eth2
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R1
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1202
| next event EVENT_RETRANSMIT in 10 seconds for #1202
|
| *received 100 bytes from x.x.x.172:500 on eth2
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R2
"S_Graz" #1202: ignoring informational payload, type IPSEC_INITIAL_CONTACT
"S_Graz" #1202: Peer ID is ID_IPV4_ADDR: 'x.x.x.172'
| peer CA: %none
| current connection is a full match -- no need to look further
| offered CA: %none
| inserting event EVENT_SA_REPLACE, timeout in 7530 seconds for #1202
"S_Graz" #1202: sent MR3, ISAKMP SA established
| next event EVENT_DPD in 12 seconds for #753
|
| *received 92 bytes from x.x.x.172:500 on eth2
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R3
| received DPD notification R_U_THERE with seqno = 27
| sent DPD notification R_U_THERE_ACK with seqno = 27
| next event EVENT_DPD in 7 seconds for #753
|
| *received 92 bytes from y.y.y.145:500 on eth2
| ICOOKIE: 58 a9 9f b6 94 a3 50 8f
| RCOOKIE: 19 8e 51 e9 4c 26 5b ac
| peer: d4 a6 6c 91
| state hash entry 5
| state object #1182 found, in STATE_MAIN_I4
| received DPD notification R_U_THERE with seqno = 1646530451
| sent DPD notification R_U_THERE_ACK with seqno = 1646530451
| next event EVENT_DPD in 4 seconds for #753
|
| *received 92 bytes from x.x.x.172:500 on eth2
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R3
| received DPD notification R_U_THERE with seqno = 28
| sent DPD notification R_U_THERE_ACK with seqno = 28
| next event EVENT_DPD in 2 seconds for #753
|
| *time to handle event
| event after this is EVENT_DPD in 17 seconds
| inserting event EVENT_DPD, timeout in 30 seconds for #753
| recent DPD activity 4 seconds ago, no need to send DPD notification
| next event EVENT_DPD in 17 seconds for #974
|
| *received 92 bytes from x.x.x.172:500 on eth2
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R3
| received DPD notification R_U_THERE with seqno = 29
| sent DPD notification R_U_THERE_ACK with seqno = 29
| next event EVENT_DPD in 14 seconds for #974
|
| *received 92 bytes from x.x.x.172:500 on eth2
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R3
| received DPD notification R_U_THERE with seqno = 30
| sent DPD notification R_U_THERE_ACK with seqno = 30
| next event EVENT_DPD in 9 seconds for #974
|
| *received 92 bytes from x.x.x.172:500 on eth2
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R3
| received DPD notification R_U_THERE with seqno = 31
| sent DPD notification R_U_THERE_ACK with seqno = 31
| next event EVENT_DPD in 4 seconds for #974
|
| *received 92 bytes from y.y.y.145:500 on eth2
| ICOOKIE: 58 a9 9f b6 94 a3 50 8f
| RCOOKIE: 19 8e 51 e9 4c 26 5b ac
| peer: d4 a6 6c 91
| state hash entry 5
| state object #1182 found, in STATE_MAIN_I4
| received DPD notification R_U_THERE with seqno = 1646530452
| sent DPD notification R_U_THERE_ACK with seqno = 1646530452
| next event EVENT_DPD in 1 seconds for #974
|
| *time to handle event
| event after this is EVENT_RETRANSMIT in 6 seconds
| inserting event EVENT_DPD, timeout in 30 seconds for #974
| recent DPD activity 1 seconds ago, no need to send DPD notification
| next event EVENT_RETRANSMIT in 6 seconds for #1199
|
| *received 92 bytes from x.x.x.172:500 on eth2
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R3
| received DPD notification R_U_THERE with seqno = 32
| sent DPD notification R_U_THERE_ACK with seqno = 32
| next event EVENT_RETRANSMIT in 5 seconds for #1199
|
| *time to handle event
| event after this is EVENT_DPD in 7 seconds
| handling event EVENT_RETRANSMIT for x.x.x.172 "S_Graz" #1199
| inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #1199
| next event EVENT_DPD in 7 seconds for #753
|
| *received 84 bytes from x.x.x.172:500 on eth2
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R3
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| state object #1202 found, in STATE_MAIN_R3
"S_Graz" #1202: received Delete SA payload: deleting ISAKMP State #1202
| ICOOKIE: 38 af 7c 84 ee d9 1a 93
| RCOOKIE: a4 33 bd 07 df 5b e5 be
| peer: d9 59 81 ac
| state hash entry 0
| next event EVENT_DPD in 7 seconds for #753
|
| *received 100 bytes from x.x.x.172:500 on eth2
packet from x.x.x.172:500: received Vendor ID payload [Dead Peer Detection]
| preparse_isakmp_policy: peer requests PSK authentication
| creating state object #1203 at 0x84207d8
| ICOOKIE: e8 63 f4 34 4b 4a 58 9d
| RCOOKIE: d1 36 e6 85 5e e3 3c d6
| peer: d9 59 81 ac
| state hash entry 25
| inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1203
"S_Graz" #1203: responding to Main Mode
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1203
| next event EVENT_DPD in 6 seconds for #753
|
| *received 244 bytes from x.x.x.172:500 on eth2
| ICOOKIE: e8 63 f4 34 4b 4a 58 9d
| RCOOKIE: d1 36 e6 85 5e e3 3c d6
| peer: d9 59 81 ac
| state hash entry 25
| state object #1203 found, in STATE_MAIN_R1
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1203
| next event EVENT_DPD in 6 seconds for #753
|
| *received 100 bytes from x.x.x.172:500 on eth2
| ICOOKIE: e8 63 f4 34 4b 4a 58 9d
| RCOOKIE: d1 36 e6 85 5e e3 3c d6
| peer: d9 59 81 ac
| state hash entry 25
| state object #1203 found, in STATE_MAIN_R2
"S_Graz" #1203: ignoring informational payload, type IPSEC_INITIAL_CONTACT
"S_Graz" #1203: Peer ID is ID_IPV4_ADDR: 'x.x.x.172'
| peer CA: %none
| current connection is a full match -- no need to look further
| offered CA: %none
| inserting event EVENT_SA_REPLACE, timeout in 7530 seconds for #1203
"S_Graz" #1203: sent MR3, ISAKMP SA established
| next event EVENT_DPD in 6 seconds for #753
|
| *received 92 bytes from x.x.x.172:500 on eth2
| ICOOKIE: e8 63 f4 34 4b 4a 58 9d
| RCOOKIE: d1 36 e6 85 5e e3 3c d6
| peer: d9 59 81 ac
| state hash entry 25
| state object #1203 found, in STATE_MAIN_R3
| received DPD notification R_U_THERE with seqno = 34
| sent DPD notification R_U_THERE_ACK with seqno = 34
| next event EVENT_DPD in 1 seconds for #753
|
| *time to handle event
| event after this is EVENT_DPD in 17 seconds
| inserting event EVENT_DPD, timeout in 30 seconds for #753
| recent DPD activity 14 seconds ago, no need to send DPD notification
| next event EVENT_DPD in 17 seconds for #974
|
| *received 92 bytes from x.x.x.172:500 on eth2
| ICOOKIE: e8 63 f4 34 4b 4a 58 9d
| RCOOKIE: d1 36 e6 85 5e e3 3c d6
| peer: d9 59 81 ac
| state hash entry 25
| state object #1203 found, in STATE_MAIN_R3
| received DPD notification R_U_THERE with seqno = 35
| sent DPD notification R_U_THERE_ACK with seqno = 35
| next event EVENT_DPD in 13 seconds for #974
|
| *received 92 bytes from y.y.y.145:500 on eth2
| ICOOKIE: 58 a9 9f b6 94 a3 50 8f
| RCOOKIE: 19 8e 51 e9 4c 26 5b ac
| peer: d4 a6 6c 91
| state hash entry 5
| state object #1182 found, in STATE_MAIN_I4
| received DPD notification R_U_THERE with seqno = 1646530453
| sent DPD notification R_U_THERE_ACK with seqno = 1646530453
did anyone know whats the Problem?
kind regards
Alex
This thread was automatically locked due to age.
