Hello, I'm having trouble configuring an IPSec tunnel between my Comcast gateway device and a FortiGate device. The FortiGate previously worked with another device (Cisco WRVS4400N) at the same location where we now have the Comcast device, and IPSec tunnels continue to work between the FortiGate and Cisco devices at other locations.
This is how the FortiGate device is configured at our main office.
I've tried matching these settings on the Comcast device, but nothing seems to work and the VPN status remains "broken". This is the Comcast device's empty configuration.
Any help would be greatly appreciated!
Hi generaltab, I believe the VPN functionality in the Comcast router is disabled, at least that was what the techs told me when I tried to do a similar thing with the CG3000DCR we have been given by Comcast.
First, thank you DonnaC2014 for your correct response wrt any Comcast modem support for VPN is disabled. The only thing you would need to do within your FortiGate device (whatever you use for VPN server at your location) is obtain a single Comcast Static IP. Then simply program the FortiGate device's (or your onsite VPN server's) static IP network configuration with one of your Comcast Static IP routable, the gateway, and subnet mask, the DNS addresses that were provided to you subsequent to your Comcast Static IP request. If your FortiGate device (or your onsite VPN server) provides DHCP dynamic addresses to your VPN clients within your intra-network, then it will be necessary for you to log in to the Comcast Gateway (by bringing up a browser on a computer connected directly to one of the LAN ports 1-4, 10.1.10.1, then use username=cusadmin & password=highspeed, then click on LAN link, then uncheck check mark next to DHCP server enable) and disable the Comcast Gateway DHCP server. After this configuration you should be up and running and hope this helps you out.