Issue – Set up an encrypted (IPSec) connection between a FortiGate and a FortiAnalyzer – Command “set encrypt enable” fails

Hardware Firewall: Fortinet FortiGate 500D
Hardware FortiAnalyzer: Fortinet FortiAnalyzer VM64
Problem: Cannot execute “set encrypt enable” on the firewall for an encrypted connection between a FortiGate and a FortiAnalyzer

Hello,

When you want to have an encrypted IPSec connection between your FortiGate and your FortiAnalyzer, you can follow this HowTo from Fortinet: How to setup an encrypted (IPSec) connection between a FortiGate and a FortiAnalyzer

When I tried the command “set encrypt enable”, I wasn’t able to execute this on the FortiGate. The message that appears:

Firewall-01 (global) # config log fortianalyzer setting
Firewall-01 (setting) #  set encrypt enable
command parse error before ‘encrypt’
Command fail. Return code -61

Configuration at this moment (global view):

Firewall-01 (global) # show log fortianalyzer setting

config log fortianalyzer setting
    set status enable
    set server 192.168.1.2
    set upload-option realtime
    set reliable enable
end

So I looked around at some other people’s posts and found my solution, Enabling IPSec for a FortiAnalyzer connection, here, with the command “set enc-algorithm disable”. After executing this, I was able to execute the “set encrypt enable” command and followed the Fortinet HowTo to finish our configuration.

Cheers,

Rolf
