Hot!VPN IPSec method Pre-shared Key (dialup - forticlient) 2 or more rules

Author
exidinus
New Member
  • Total Posts : 3
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/09/16 03:44:59
  • Status: offline
2020/09/16 04:08:23 (permalink)
0

VPN IPSec method Pre-shared Key (dialup - forticlient) 2 or more rules

Hello.
Sorry, I didn't know which section is better to write VPN or Firewall
 
Users must remotely connect to the central office and work with authorized services. Users can be included in groups for which the service should be available. IPSec pre-shared key
There are 2 rules in the firewall
 
show
config firewall policy
    edit 4
        set name "vpn_ipsec_1"
        set uuid **********************
        set srcintf "ipsec_1"
        set dstintf "lan"
        set srcaddr "ipsec_1_range"
        set dstaddr "server_1"
        set action accept
        set schedule "always"
        set service "ALL"
        set inspection-mode proxy
        set comments "VPN: ipsec_1
        set nat enable
    next
end

 
 
config firewall policy
    edit 5
        set name "vpn_ipsec_2"
        set uuid ***********************
        set srcintf "ipsec_2"
        set dstintf "lan"
        set srcaddr "ipsec_2_range"
        set dstaddr "server_2"
        set action accept
        set schedule "always"
        set service "ALL"
        set inspection-mode proxy
        set comments "VPN: ipsec_2
        set nat enable
    next
end

 
The crux of the pain is
VPN_2 is not connected on the client, but if you disable rule number 1, then VPN_2 is connected on the client. Tell me where to dig?
#1

2 Replies Related Threads

    Toshi Esumi
    Expert Member
    • Total Posts : 2284
    • Scores: 219
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: VPN IPSec method Pre-shared Key (dialup - forticlient) 2 or more rules 2020/09/16 09:00:26 (permalink)
    0
    Look for the references in my comment in the thread. It was discussed in multiple threads in the past.
    https://forum.fortinet.co...m=188200&tree=true
    #2
    exidinus
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/09/16 03:44:59
    • Status: offline
    Re: VPN IPSec method Pre-shared Key (dialup - forticlient) 2 or more rules 2020/09/16 23:13:38 (permalink)
    0
    Thank you so much.
    #3
    Jump to:
    © 2020 APG vNext Commercial Version 5.5