Re: ospf vpn fortigate -juniper
Op, you really need to get a packet capture/traceoptions on multicast group 220.127.116.11. If the hello/deadtime/mtu/auth/ospftype are mismatched , than it will clearly be present in the pcap.
On the fortigate you can't set the mtu on a interface-ipsec. On the juniper I would start by looking at the interface mtu
show interface <name> extensive detail
and run a trace
set protocol ospf traceoption file myospf
set protocol ospf traceoption flag all
But you need to get a pcap or trace, that would be your best for double checking if you have any of the above mismatches.
PCNSE, NSE , Forcepoint , StrongSwan Specialist