PP2P using Fortigate 50B

Posted on 2011-09-29
Last Modified: 2012-05-12
Hi Guys,

I am trying to configure a Fortigate 50GB to pass through VPN requests to a Microsoft 2003 RASS server. Any idea on the best way to do this? I am having no luck.
Question by:Layer3User
  • 4
  • 2
LVL 15

Expert Comment

ID: 36858077
Yes, you need to open up port 1723 TCP, GRE and ICMP
1723 is used to establish the tunnel.
GRE (Generic Route Encapsulation) is a protocol, it is IP protocol 47 that is used to actually tunnel the traffic.
ICMP needs to be opened up - I found that one out the hard way.  Dunno why it needs it but it wouldn't establish the connection without it.


Author Comment

ID: 36860468
Ah, the ICMP might have got me. I'll try this.

Author Comment

ID: 36900252
Nope, that didn't seem to work.
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

LVL 15

Expert Comment

ID: 36901303
I recall that the way I resolved it previously was to set up a packet capture on the device, then open up IP ANY/ANY then capture the traffic.  Then you'll know exactly what protocols are being used to establish the VPN.
It could also be a firewall on the box you are connecting into. Most domain computers will block any IP traffic that originates outside its own subnet.

Accepted Solution

Layer3User earned 0 total points
ID: 37118064
No solution found.

Author Closing Comment

ID: 37136773
No solution found.

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Android VPN into Server 2012 R2 Essentials (SSTP VPN) 4 111
ipsec tunnel comme not up 10 79
ASA - RV130 VPN tunnel, cannot pass traffic 8 52
Classlful vs Classless subneting 18 62
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now