Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPSec VPN IOS HA to Fortigate 400A

I am running several VPNs from my HA router with different appliances. We have issues with this Fortigate 400A, tunnel, but traffic passes only sporadically (tunnel never drops). For example sometimes icmp responds through the tunnel and sometimes it just times out. Need to know any know issue that could prevent traffic from crossing the tunnel.

Thanks

flash:c2800nm-advsecurityk9-mz.124-3g.bin

1 REPLY
Bronze

Re: IPSec VPN IOS HA to Fortigate 400A

The problem will be due to mismatch IKE keepalives. By default IKE keepalive's on cisco devices is 86400 seconds. Check the keepalive's at the Fortigate and configure it accordingly. Following links may help you

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094498.shtml

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094761.shtml

634
Views
0
Helpful
1
Replies