Issue – Setup an encrypted (IPSec) connection between a FortiGate and a FortiAnalyzer – Command “set encrypt enable” fails

Hardware Firewall: Fortinet FortiGate 500D
Hardware FortiAnalyzer: Fortinet FortiAnalyzer VM64
Problem: Cannot execute “set encrypt enable” on the firewall for an encrypted connection between a FortiGate and a FortiAnalyzer



When you want to have an encrypted IPSec connection between your FortiGate and your FortiAnalyzer, you can follow this HowTo from Fortinet: How to setup an encrypted (IPSec) connection between a FortiGate and a FortiAnalyzer

When I tried the command “set encrypt enable”, I wasn’t able to execute it on the FortiGate. The message that appears:

Firewall-01 (global) # config log fortianalyzer setting
Firewall-01 (setting) #  set encrypt enable
command parse error before ‘encrypt’
Command fail. Return code -61

Configuration at this moment (global view):

Firewall-01 (global) # show log fortianalyzer setting

config log fortianalyzer setting
set status enable
set server
set upload-option realtime
set reliable enable

So I looked around some other people's posts and found my solution, Enabling IPSec for a FortiAnalyzer connection, here, with the command “set enc-algorithm disable”. After executing this, I was able to execute the “set encrypt enable” command and followed the Fortinet HowTo to finish our configuration.




