Site-to-Site IPsec VPN Cisco ASA and FortiGate

SOURCE: https://pinoyittechnotes.wordpress.com/2013/06/01/site-to-site-vpn-between-fortigate-and-asa/
http://socpuppet.blogspot.com/2014/05/site-2-site-vpn-fortinet-fortigate-to.html
http://socpuppet.blogspot.com/2013/10/site-2-site-routed-vpn-trouble-shooting.html
http://blog.webernetz.net/2015/02/05/ipsec-site-to-site-vpn-fortigate-cisco-asa/
http://kb.herator.se/index.php/article/fortigate-common-errors-when-debug-ipsec-tunnel
http://www.networkworld.com/article/2288666/lan-wan/chapter-4–common-ipsec-vpn-issues.html

ASA1

FORTIGATE2

Troubleshooting
ASA:
# diag debug app ike -1
# diag debug enable

FORTIGATE:
- Check that traffic appears between the ASA and the FortiGate (IKE uses UDP port 500):
# diag sniffer packet wan1 "udp and dst port 500"
- Check the VPN event log in the FortiGate GUI under Log & Report/Event Log/VPN

You can now try a ping from PC1 to PC2.
