www.zyxel.com
please check ZyWALL/USG and FortiGate Phase 2 Settings. Both ZyWALL/USG
and FortiGate must use the same Protocol, Encapsulation, Encryption,
Authentication method and PFS to establish the IKE SA.
MONITOR > Log
Make sure the both ZyWALL/USG and FortiGate security policies allow IPSec VPN
traffic. IKE uses UDP port 500, AH uses IP protocol 51, and ESP uses IP protocol 50.
Default NAT traversal is enable on ZyWALL/USG, please make sure the remote
IPSec device must also have NAT traversal enabled.
183/810