I am really struggling to configure an IPSec tunnel between a WR31 and a Fortigate.
I am loosely following this guide:
https://ftp1.digi.com/support/documentation/AN_027_Configure_an_IPSEC_VPN.pdf
I am attempting to configure a tunnel between the Fortigate at HQ and the Digi using IPSec. I have tracing turned on and see a bunch of these messages:
----- 9-2-2022 14:10:04.300 -------
IKE DEBUG: Handling IKE packet
----- 9-2-2022 14:10:04.300 -------
IKE DEBUG: Locating IKE context
----- 9-2-2022 14:10:04.300 -------
IKE DEBUG: Packet for new phase 1 session
----- 9-2-2022 14:10:04.300 -------
IKE DEBUG: Ignoring new phase 1 request
----- 9-2-2022 14:10:04.300 -------
IKE DEBUG: IKE context not located
----- 9-2-2022 14:10:04.300 -------
IKE DEBUG: No IKE context found
The one part I think I am confused about is how to associate the pre-shared key to the Digi config. I have set values in the “Our ID” and “Remote ID” fields and then created corresponding users on the Digi, setting their “passwords” to the pre-shared key value.
All other settings appear to be correct, but I am stumped…
Here is a bit more analyzer info:
NDIS From REM TO LOC IFACE: PPP 1
00 00 11 12 13 14 Dst. MAC
00 00 11 12 13 15 Src. MAC
08 00 Type: IP
IP:
45 IP Ver: 4
Hdr Len: 20
00 TOS: Routine
Delay: Normal
Throughput: Normal
Reliability: Normal
01 40 Length: 320
40 3D ID: 16445
00 00 Frag Offset: 0
Congestion: Normal
May Fragment
Last Fragment
2E TTL: 46
11 Proto: UDP
5D C9 Checksum: 24009
47 53 03 4A Src IP:
A6 B4 FC 55 Dst IP:
----- 9-2-2022 14:36:34.800 -------
IKE DEBUG: Handling IKE packet
----- 9-2-2022 14:36:34.800 -------
IKE DEBUG: Locating IKE context
----- 9-2-2022 14:36:34.800 -------
IKE DEBUG: Packet for new phase 1 session
----- 9-2-2022 14:36:34.800 -------
IKE DEBUG: Ignoring new phase 1 request
----- 9-2-2022 14:36:34.800 -------
IKE DEBUG: IKE context not located
----- 9-2-2022 14:36:34.800 -------
IKE DEBUG: No IKE context found