We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
480 views 0 comments
by anonymous

Hi,

I have a problem with sending encrypted packets using IPsec/GRE.
Teltonika is receiving correctly encrypted (ESP) packets but is sending non-encrypted packets (in GET).
Here is my lab config and sniffed packets:

 

IPsec config:

IPsec establishing correctly:


GRE config:

Routing table: (trace added from GRE)

Here is the main problem:

(Packets sniffed on WAN interface)
Teltonika is sending a non-encrypted request. Why? How to fix it?
Fortigate is sending an encrypted ESP packet.
On the client everything is okay.

I hope there is a solution for that :)
Thanks :)

1 Answer

0 votes
by anonymous

Hello,

The Passthrough networks option available in the RUT240's IPsec configuration is used to select networks that should be passed through and excluded from routing through the tunnel. This option is especially useful when the router is configured to operate as a VPN gateway and route all data traffic through the tunnel.

Since the Fortigate 30E is accessible via the RUT240's WAN interface and the Passthrough networks option is set to WAN, the router accesses the Fortigate via the "regular WAN interface" instead of the VPN tunnel. With that in mind, I would suggest setting Passthrough networks to LAN or NONE and checking whether the issue persists.

Also, I would advise changing the Local GRE interface netmask from 255.255.255.255 to the one that suits the number of available GRE endpoints, e.g. 255.255.255.240.
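
To check the symptom from the question before and after changing Passthrough networks, the following added example (not part of the original thread or Teltonika's tooling) classifies `tcpdump -n` text output taken on the WAN interface and reports in which direction GRE is visible outside ESP. The addresses and capture lines are constructed from documentation ranges, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed `tcpdump -n` lines (documentation addresses), not from the post.
# 192.0.2.10 stands in for the router's WAN address, 198.51.100.20 for the peer.
SAMPLE_CAPTURE = """\
12:00:01.100000 IP 198.51.100.20 > 192.0.2.10: ESP(spi=0xc1a2b3c4,seq=0x11), length 136
12:00:01.200000 IP 192.0.2.10 > 198.51.100.20: GREv0, length 88: IP 10.10.10.1 > 10.10.10.2: ICMP echo reply, id 7, seq 1, length 64
12:00:02.100000 IP 198.51.100.20.4500 > 192.0.2.10.4500: UDP-encap: ESP(spi=0xc1a2b3c4,seq=0x12), length 136
12:00:02.200000 IP 192.0.2.10 > 198.51.100.20: GREv0, length 88: IP 10.10.10.1 > 10.10.10.2: ICMP echo reply, id 7, seq 2, length 64
12:00:03.000000 IP 192.0.2.10 > 203.0.113.5: ICMP echo request, id 9, seq 1, length 64
"""

# Outer IPv4 source/destination (optional port for NAT-T) and outer protocol.
LINE_RE = re.compile(
    r"^\S+ IP (?P<src>\d+\.\d+\.\d+\.\d+)(?:\.\d+)? > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)(?:\.\d+)?: "
    r"(?P<proto>(?:UDP-encap: )?ESP|GREv\d)"
)

def classify_wan_capture(text, local_wan, remote_peer):
    """Count ESP and cleartext GRE packets per direction between the endpoints."""
    counts = Counter()
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # neither ESP nor GRE at the outer layer
        pair = (m["src"], m["dst"])
        if pair == (local_wan, remote_peer):
            direction = "out"
        elif pair == (remote_peer, local_wan):
            direction = "in"
        else:
            continue  # traffic to or from some other host
        # GRE carried inside ESP is invisible on the wire, so any GRE seen
        # as the outer protocol on WAN is leaving or arriving unencrypted.
        kind = "esp" if m["proto"].endswith("ESP") else "gre_clear"
        counts[(direction, kind)] += 1
    return counts

def cleartext_gre_directions(counts):
    """Directions ('in'/'out') in which GRE was seen outside ESP."""
    return sorted(d for (d, kind), n in counts.items() if kind == "gre_clear" and n)

if __name__ == "__main__":
    c = classify_wan_capture(SAMPLE_CAPTURE, "192.0.2.10", "198.51.100.20")
    print(dict(c), "cleartext GRE:", cleartext_gre_directions(c))
```

An empty list from `cleartext_gre_directions` together with non-zero `("out", "esp")` and `("in", "esp")` counts indicates that GRE is being carried inside the tunnel in both directions.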