IPSEC VPN for remote users - no matching gateway for new request

Author
sionathan
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2013/07/11 14:44:13
  • Status: offline
2013/07/11 14:57:33 (permalink)
0

IPSEC VPN for remote users - no matching gateway for new request

I' m new to FortiGate firewalls, but a client just got a 60C (MR3 Patch 12) they want to use with the FortiClient for remote IPSEC VPN connections.

I found a how-to guide for this in the FortiOS Cookbook (http://docs.fortinet.com/cb/html/index.html#page/FOS_Cookbook/IPSec/cb_ipsecvpn_forticlient.html), but when i try to have a client connect it fails, and the console log shows the following:

Virtual Domain root
Message IPsec phase 1 error
Action negotiate
IPSec Remote IP []
IPSec Local IP []
Remote Port 6893
Outgoing Interface wan1
Local Port 500
Cookies 34f19195f36324fa/0000000000000000
User N/A
Group N/A
XAUTH User N/A
XAUTH Group N/A
Status negotiate_error
VPN Tunnel N/A
Error Reason no matching gateway for new request
Peer Notification N/A

Any ideas what i missed? I tried 2x following the cookbook so far, but same results each time.

Thanks for your thoughts!
#1

1 Reply Related Threads

    Dipen
    Gold Member
    • Total Posts : 305
    • Scores: 4
    • Reward points: 0
    • Joined: 2013/06/17 07:24:49
    • Location: Muscat; Oman
    • Status: offline
    RE: IPSEC VPN for remote users - no matching gateway for new request 2013/07/30 11:08:53 (permalink)
    0
    The FortiOS Cookbook describes IPSEC Configuration in Tunnel Mode. However the recommended mode is Interface Mode. Where each IPSEC Phase1 is created as a Sub-Interface.
    Leaving " Interface Mode" apart let' s talk about your Tunnel Mode. The Tunnel Mode will not work until a corresponding Firewall Policy is created.
    Please create a Firewall Policy to bring the Tunnel Up.
    #2
    Jump to:
    © 2019 APG vNext Commercial Version 5.5