Nivedha
Staff
Article Id 312007
Description This article describes how to troubleshoot the Hub option being greyed out in the IPsec tunnel wizard.
Scope FortiGate.
Solution

When creating an ADVPN IPsec tunnel from the IPsec wizard, the Hub role is greyed out:

[Screenshot: Hub greyout.png]

The same device cannot be configured as both a Hub and a Spoke, so when the FortiGate is already configured as a Spoke, the Hub option is greyed out in the wizard.

To check if the device is configured as a spoke, run the following command:

sh vpn ipsec phase1-int | grep -B10 auto-discovery-receiver

Example:

The tunnel named "test" is configured as a spoke here:


Home-FGT (root) # sh vpn ipsec phase1-int | grep -B10 auto-discovery-receiver
next
    edit "test"
        set interface "wan1"
        set peertype any
        set net-device enable
        set proposal aes128-sha256 aes256-sha256 aes128-sha1 aes256-sha1
        set add-route disable
        set dpd on-idle
        set comments "VPN: test (Created by VPN wizard)"
        set wizard-type spoke-fortigate-auto-discovery
        set auto-discovery-receiver enable
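
Because grep -B10 prints only the ten lines before the match, the edit line naming the tunnel can fall outside the output on a longer phase1 entry. The following added example (not from the original article or from Fortinet) parses the text of a configuration backup instead and reports the ADVPN role of each tunnel. The function names and sample configuration are constructed for illustration, and the hub-side setting auto-discovery-sender does not appear in the article's output.

```python
import re

# Constructed sample in the layout of a FortiGate configuration backup.
SAMPLE_CONFIG = '''\
config vpn ipsec phase1-interface
    edit "test"
        set interface "wan1"
        set net-device enable
        set wizard-type spoke-fortigate-auto-discovery
        set auto-discovery-receiver enable
    next
    edit "branch-static"
        set interface "wan2"
    next
end
config vpn ipsec phase2-interface
    edit "test"
        set phase1name "test"
    next
end
'''

def advpn_roles(config_text):
    """Map each phase1-interface tunnel name to 'spoke', 'hub' or 'none'."""
    roles, in_section, depth, tunnel = {}, False, 0, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "config vpn ipsec phase1-interface":
            in_section, depth = True, 0
        elif not in_section:
            continue
        elif line.startswith("config "):
            depth += 1  # nested table inside a tunnel entry
        elif line == "end":
            in_section, depth = depth > 0, max(depth - 1, 0)
        elif depth == 0 and (m := re.match(r'edit "?([^"]+)"?$', line)):
            tunnel = m.group(1)
            roles[tunnel] = "none"
        elif depth == 0 and tunnel and line == "set auto-discovery-receiver enable":
            roles[tunnel] = "spoke"  # the setting the article greps for
        elif depth == 0 and tunnel and line == "set auto-discovery-sender enable":
            roles[tunnel] = "hub"  # hub-side counterpart (not shown in the article)
    return roles

def spoke_tunnels(config_text):
    return [name for name, role in advpn_roles(config_text).items() if role == "spoke"]

if __name__ == "__main__":
    print(spoke_tunnels(SAMPLE_CONFIG))
```

Any tunnel returned by spoke_tunnels is one whose spoke configuration would cause the wizard to grey out the Hub role.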
