Hi!
Has anyone here got this to work? I have a VPN tunnel set up with IPsec and a preshared key.
When I try to connect, the FortiGate sees the client and shows up under IPsec Monitor, but the connection never truly establishes. After a while Windows says:
The built-in “IPsec” client in Windows isn’t pure IPsec, it’s L2TP/IPsec; it is encapsulating PPP in a UDP data stream, and encapsulating that UDP data stream in IPsec.
Did you perform the steps to configure L2TP/IPsec on the FortiGate?
Here’s a reference: Cookbook | FortiGate / FortiOS 6.2.0 | Fortinet Documentation Library
Last time I checked, it worked “out of the box” (just a minimal test config though). This would need some debugs to figure out where things failed. Something along the lines of:
dia de console timestamp enable
dia vpn ike log filter dst-addr4
dia de app ike 63
dia de app l2tp -1
dia de en
==> reproduce, then dia de dis + dia de res to stop the debugs.
By default this is L2TP/IPsec in Windows as well. You need to actively go and make edits in the registry to force it to do plaintext L2TP without IPsec.
Assuming OP went with the “Windows native” tunnel wizard, they should have L2TP/IPsec configured on the FortiGate-side as well.
Here are the logs from the commands you suggested.
https://pastebin.com/tRhgDTNW