Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
solidblueliquid
New Contributor

2 Problems, SSL certificate not accepted and general question about VPN

Hi Everyone,

 

I have a 100D, i previously had my wildcard certificate installed but it expired. When i try to re-install it I get an error with the manage IP, it highlights it red. I haven't changed the settings from last year. Any ideas?

 

Secondarly the fortigate has a built in VPN, but i understand you can't use it in Transparent mode, is this right?

3 REPLIES 3
ede_pfau
Esteemed Contributor III

hi,

 

there have been some troubles with management IP settings ("overlapping address") in the recent past. Check that you set the interface role to 'undefined' in the interface setup page. This is not guaranteed to help but it worked for me.

 

Second, yes you can use a transparent FGT as IPsec VPN gateway, but only if you create the VPN in policy mode (in contrast to the usual interface mode). Policy mode VPN creates the corresponding route from the source/destination addresses used in the policy. You will need to take a long look into the FortiOS Handbook.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
solidblueliquid
New Contributor

Thanks for that, i'll start hunting the VPN area. As for the interface, I can't find that setting. I'm on firmware FortiOS v5.6.0, Build 1449

ede_pfau
Esteemed Contributor III

Then it's probably not the cause of your troubles. I've had some nasty experiences with this in v5.4.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Labels
Top Kudoed Authors