IPSEC Fail

Author
ahmetyilmaz
2020/09/09 03:41:56 (permalink)

IPSEC Fail

Hi All,
 
Some IPs are trying to connect over an IPsec tunnel to our network. Why can't IPS block these?
 
Like this:
 
Message meets Alert condition
date=2020-09-08 time=06:51:12 devname=xxxxxxxx devid=xxxxxxxxxxx logid="0101037128" type="event" subtype="vpn" level="error" vd="root" eventtime=1599537072204809801 tz="+0300" logdesc="Progress IPsec phase 1" msg="progress IPsec phase 1" action="negotiate" remip=216.218.206.78 locip=xxxxxxxx remport=23703 locport=500 outintf="wan1" cookies="3e35c70729dfedef/0000000000000000" user="N/A" group="N/A" xauthuser="N/A" xauthgroup="N/A" assignip=N/A vpntunnel="N/A" status="failure" init="remote" mode="main" dir="inbound" stage=1 role="responder" result="ERROR"
#1


    Markus
    Re: IPSEC Fail 2020/09/09 04:32:01 (permalink)
    Hello and welcome to the forums.
    In short: Because of how the FG handles connections (IPS is involved later) in the flow
    https://help.fortinet.com/fos50hlp/52data/Content/FortiOS/fortigate-life-of-packet-52/LoP-packet-flow.htm
    You have to deal with local-in policies if you want to block such IPs (or regions etc.)
    https://forum.fortinet.com/tm.aspx?m=171342
     
    Best
    #2
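An added example, not part of the original posts: one way to turn phase 1 failure events like the one quoted above into a local-in policy that drops IKE from the offending sources. The threshold, the `ike-block-` address names and the policy ID are assumptions, and the generated CLI uses FortiOS's `config firewall local-in-policy` syntax, which should be checked against the running FortiOS version.

```python
import ipaddress
import re
from collections import Counter

# First line abbreviated from the log in the post; the rest are constructed.
# 203.0.113.7 and 198.51.100.20 are documentation addresses.
SAMPLE_LOG = '''\
date=2020-09-08 time=06:51:12 subtype="vpn" logdesc="Progress IPsec phase 1" remip=216.218.206.78 locport=500 outintf="wan1" status="failure" init="remote" dir="inbound"
date=2020-09-08 time=07:02:40 subtype="vpn" logdesc="Progress IPsec phase 1" remip=203.0.113.7 locport=500 outintf="wan1" status="failure" init="remote" dir="inbound"
date=2020-09-08 time=07:02:55 subtype="vpn" logdesc="Progress IPsec phase 1" remip=203.0.113.7 locport=500 outintf="wan1" status="failure" init="remote" dir="inbound"
date=2020-09-08 time=07:03:10 subtype="vpn" logdesc="Progress IPsec phase 1" remip=203.0.113.7 locport=500 outintf="wan1" status="failure" init="remote" dir="inbound"
date=2020-09-08 time=07:10:00 subtype="vpn" logdesc="Progress IPsec phase 1" remip=198.51.100.20 locport=500 outintf="wan1" status="success" init="remote" dir="inbound"
'''

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_line(line):
    """Turn one key=value log line into a dict; quoted values may contain spaces."""
    return {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}

def failed_phase1_sources(log_text, threshold=2):
    """Count inbound, remote-initiated phase 1 failures per remote IPv4 address."""
    hits = Counter()
    for line in log_text.splitlines():
        ev = parse_line(line)
        if (ev.get("subtype") == "vpn" and ev.get("logdesc") == "Progress IPsec phase 1"
                and ev.get("status") == "failure"
                and ev.get("init") == "remote" and ev.get("dir") == "inbound"):
            try:
                hits[str(ipaddress.IPv4Address(ev.get("remip", "")))] += 1
            except ValueError:
                continue  # never let an unparsable remip reach the generated config
    return {ip: n for ip, n in hits.items() if n >= threshold}

def local_in_policy(ips, intf="wan1", policy_id=1):
    """Render FortiOS CLI: address objects plus a deny local-in policy for IKE."""
    if not ips:
        return ""
    out, names = ["config firewall address"], []
    for ip in sorted(ips):
        names.append(f'"ike-block-{ip}"')  # hypothetical naming scheme
        out += [f"    edit {names[-1]}", f"        set subnet {ip} 255.255.255.255", "    next"]
    out += ["end", "config firewall local-in-policy", f"    edit {policy_id}",
            f'        set intf "{intf}"', f"        set srcaddr {' '.join(names)}",
            '        set dstaddr "all"', "        set action deny",
            '        set service "IKE"', '        set schedule "always"', "    next", "end"]
    return "\n".join(out)

if __name__ == "__main__":
    print(local_in_policy(failed_phase1_sources(SAMPLE_LOG)))
```
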
    ahmetyilmaz
    Re: IPSEC Fail 2020/09/09 06:51:04 (permalink)
    Thank you very much for the reply, Markus. I couldn't find the packet flow before.
    #3
    Markus
    Re: IPSEC Fail 2020/09/10 03:45:26 (permalink)
    Glad to help.
    #4