7879 questions

9306 answers


12785 members

0 votes
20 views 4 comments
ago by

Hello all,

We have set up an IPSec between a RUTX09 and a Fortigate cluster.
The RUTX09 has an internal subnet of;
The Phase 2 consists of two subnets: <> and <>

Considering policies and rules on the Fortigate side:
For test purposes all ICMP traffic is allowed from to and to as well as vice versa.

We are able to ping from the RUTX09 subnet towards hosts in the and subnets.
However, the other way around we are unable to receive a ping response;
the error is:

Source address is; using ICMP echo-request
Pinging [] with 32 bytes data (60 bytes IP):
From port unreachable; bytes=88 seq=0001 TTL=62

I am unable to see any helpful information in the system log, the iptables and/
or the connection logs.

I presume I have my firewall rules configured incorrectly, but I do not know
how to change them accordingly. Could someone please provide me some guidance?

ago by

Hi there,

Were the screenshots helpful to get some insight regarding this issue?

1 Answer

0 votes
ago by


With default settings, you should not need to change anything in the RUT device firewall. I would like to ask if you could share screenshots of your configuration or please review this guide: https://kaunas.teltonika.lt:444/f/807a80a602b946ad8391/?dl=1

The guide was made for RUT9 devices, but in reality configuration on RUTX looks almost the same.


ago by

Hi VykintasKuzma,

Thanks a lot for your prompt reply and thanks for sharing the guide!
I had followed that specific guide already, I found it on this forum.
However, not all labels are the same in the newer RutOS.
Hence, I had made several presumptions, maybe errornously.
I coul dn ot get the VPN working as per the instructions (dial up construction),
so I changed it to a normal VPN, the SIM card we're using is equipped with a
fixed IP address, which makes this possible.

I hereby attach the screenshots you were asking for, I hope these are the
configuration pages you were looking for.

With kind regards,

ago by

Could you try to disable the RUT device firewall entirely to make sure that the issue is on the RUT side?

You can do that by using this command in SSH/CLI:

etc/init.d/firewall stop


ago by

Hi there,

Thanks for your suggestion, that solved the problem indeed.
So, the issue lies within the firewall configuration;

Could you guide me a bit on how to get traffic from the RUTX09 attached devices to our internal network please?