Xr90 ipsec vpn

I have a new XR90 that I am trying to get connected to our Fortigate Firewalls. We have existing MG90s that work find, but these two systems are very different. The IPSec tunnel shows up on both sides, but I can’t get any traffic to go over it from the XR90.
Has anyone else successfully gotten an XR90 IPSec tunnel running?
Thank you.

Hi swnelson,

I tested locally. My VPN server IP is XR90 WAN IP has the same subnet as the server, its IP is

It succeeds to establish the VPN connection. My XR90 can ping Device IP which is on the server side.

Below is my server configuration:
Mode: LAN
Local Subnet :
Device IP:
IPsec FIPS Mode: Disable
Perfect Forward Secrecy (PFS): Enable
Internet Key Exchange: IKEv1
Dead Peer Detection (DPD): Enable
Authentication Method: Pre-shared Key
IKE Algorithms: aes128-sha256-dh14(modp2048)
ESP Algorithms: aes128-sha512-dh21(ecp521)

And my XR configuration is in the attached file.
XR90_Config.zip (165.7 KB)


Thanks for testing that, I’m pretty sure its a bug with our Fortinet firewalls. We are seeing some weird things with cross talk with VLANs but only for VPN traffic. Isolated and put it on a dedicated device and that works without issue.