PP2P using Fortigate 50B

Posted on 2011-09-29
Last Modified: 2012-05-12
Hi Guys,

I am trying to configure a Fortigate 50GB to pass through VPN requests to a Microsoft 2003 RASS server. Any idea on the best way to do this? I am having no luck.
Question by:Layer3User
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
LVL 15

Expert Comment

ID: 36858077
Yes, you need to open up port 1723 TCP, GRE and ICMP
1723 is used to establish the tunnel.
GRE (Generic Route Encapsulation) is a protocol, it is IP protocol 47 that is used to actually tunnel the traffic.
ICMP needs to be opened up - I found that one out the hard way.  Dunno why it needs it but it wouldn't establish the connection without it.


Author Comment

ID: 36860468
Ah, the ICMP might have got me. I'll try this.

Author Comment

ID: 36900252
Nope, that didn't seem to work.
Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

LVL 15

Expert Comment

ID: 36901303
I recall that the way I resolved it previously was to set up a packet capture on the device, then open up IP ANY/ANY then capture the traffic.  Then you'll know exactly what protocols are being used to establish the VPN.
It could also be a firewall on the box you are connecting into. Most domain computers will block any IP traffic that originates outside its own subnet.

Accepted Solution

Layer3User earned 0 total points
ID: 37118064
No solution found.

Author Closing Comment

ID: 37136773
No solution found.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question