Interoperability with Fortinet type devices¶
Known Quirks¶The following quirks are known:
|FortiOS||*|| * IKEv2 is only supported with a single set of subnets per CHILD_SA. Thus the same workaround for IKEv1 has to be used with them.
* When the device receives an IKE_SA_INIT from any valid peer, it initiates a tunnel on its own to that peer. That leads to CHILD_SA duplication.
For site-to-site tunnels, the aptly named configuration examples from the UsableExamples page can be used.
For roadwarrior type tunnels, it is analogous.