I also note that you do not have any routing statements (no static routes and no dynamic routing). You should configure an IP address for vlan 1 to be in that network. But there is nothing configured on the Cisco about that network. The most important is that you indicate that the Fortinet expects the remote subnet to be 192.168.70.0. But there are more important issues that you need to address. I agree with Pauwen that the lack of configuration of address translation may be an issue. Please see attached config file for cisco 800. On int f4 (WAN interface) I have ip add DHCP configured.Īll the other interface seem to be layer 2 and cannot configure ip address. The cisco 800 will be connected at home behind the ISP modem.So it will get a DHCP ip address I presume. On cisco 800 side we have tried to follow the steps from Cisco documents but we were not able to make it work. The reason why it has been done like that is to allow users to have the Cisco 800 and travel with that anywhere and he ip address will keep on changing.įortigate_100F # show vpn ipsec phase1-interfaceįortigate_100F # show vpn ipsec phase2-interface Also we are allowing any traffic to come in on Fortinet for testing purposes and it is set in such a way that it will only allow connection when there is a request from the other device and in this case it is Cisco 800. I am trying to do an ipsec VPN from a Fortinet Firewall to a Cisco 800 series router.
0 kommentar(er)
