Created on 12-04-2009 02:41 AM Edited on 04-08-2024 09:53 AM By Stephen_G
Description
This article describes that in the FortiOS firmware, a VPN interface name is limited to 15 characters.
This article will help to best utilize IPsec VPN phase_1 naming.
Scope
For all FortiOS versions before 7.0.14, 7.2.7, 7.4.3.
Solution
Notes:
Output of diag vpn ike gateway:
vd: root/0
name: Hub_and_spokeIP_0
version: 1
interface: wan1 17
addr: 10.109.17.73:500 -> 10.109.17.2:500
tun_id: 10.10.1.3/::10.0.0.3
remote_location: 0.0.0.0
network-id: 0
virtual-interface-addr: 10.10.1.1 -> 10.10.1.3
created: 4004s ago
peer-id: 10.109.17.2
peer-id-auth: no
auto-discovery: 1 sender
IKE SA: created 1/1 established 1/1 time 0/0/0 ms
IPsec SA: created 1/1 established 1/1 time 0/0/0 ms
id/spi: 0 84eb3febb137bf55/65d46748d31458bf
direction: responder
status: established 4004-4004s ago = 0ms
proposal: aes128-sha256
key: b940b08d80216e4d-4c391828187d61de
lifetime/rekey: 86400/82125
DPD sent/recv: 0000002f/0000001d
peer-id: 10.109.17.2
vd: root/0
name: Tunnel_FortiCli_0
version: 1
interface: wan1 17
addr: 10.109.17.73:500 -> 10.109.21.93:500
tun_id: 10.33.1.10/::10.0.0.6
remote_location: 0.0.0.0
network-id: 0
virtual-interface-addr: 169.254.1.1 -> 0.0.0.0
created: 89s ago
xauth-user: peter
2FA: no
peer-id: 10.109.21.93
peer-id-auth: no
FortiClient UID: 3E112EAB4D534E4E89310246EEC71ADA
assigned IPv4 address: 10.33.1.10/255.255.255.255
IKE SA: created 1/1 established 1/1 time 160/160/160 ms
IPsec SA: created 1/1 established 1/1 time 0/0/0 ms
id/spi: 2 eb67b3b091a276f6/9cee3364ca8a139b
direction: responder
status: established 89-89s ago = 160ms
proposal: aes256-sha256
key: f578e233ebc7962c-3c699852caa27f7c-f1b8727f2d4a82dd-afb4b8b672b968e8
lifetime/rekey: 86400/86040
DPD sent/recv: 00000000/00000011
peer-id: 10.109.21.93
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.