Ipsec

VPN ERROR 500 STATE_MAIN_I1, unable to start Phase 2

  • August 4, 2015

I am trying to set up a site-to-site VPN from CentOS 7 to a FortiGate 60C using Openswan, and every time I get the following error:

```
000 #1: "office":500 STATE_MAIN_I1 (sent MI1, expecting MR1);
EVENT_v1_RETRANSMIT in 8s; nodpd; idle; import:admin initiate
000 #1: pending Phase 2 for "office" replacing #0
```

My configuration files

office.conf

```
conn office
    left=%defaultroute              # Your local linux machine IP
    leftsubnet=192.168.3.0/24       # The subnet of your local Linux machine
    leftid=@openswan                # Same as given in Sonicwall
    leftnexthop=%defaultroute
    #    leftxauthclient=yes
    right=mrt.mx                    # Sonicwall VPN IP
    rightsubnet=192.168.1.0/24      # Sonicwall LAN subnet
    rightid=office                  # Sonicwall Unique Identifier
    #    rightxauthserver=yes
    #    keyingtries=0
    #    pfs=yes
    auto=start
    auth=esp
    esp=3DES-SHA1
    ike=3DES-SHA1
    ikelifetime=1800s
    authby=secret
    aggrmode=no
    #    leftmodecfgclient=yes

    dpddelay=30
    dpdtimeout=60
```

ipsec.conf

 GNU nano 2.3.1                              Fichero: /etc/ipsec.conf                                                                      

```
version 2.0     # conforms to second version of ipsec.conf specification
# basic configuration
config setup
    # Debug-logging controls:  "none" for (almost) none, "all" for lots.
    # klipsdebug=none
    # plutodebug="control parsing"
    # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
    protostack=netkey
    nat_traversal=yes
    interfaces=%defaultroute
    oe=off
    # Enable this if you see "failed to find any available worker"
    nhelpers=0
include /etc/ipsec.d/*.conf
```

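I had the following error. I read in an article that it doesn't matter, but I did have to enable forwarding; that resolved the error and allowed the connection to be established.

```
Two or more interfaces found, checking IP forwarding [FAILED]
```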

`sysctl -w net.ipv4.ip_forward=1`
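The following is an added example, not part of the original thread: it picks out connections stuck in STATE_MAIN_I1 from `ipsec auto --status` output and checks whether IP forwarding is on at runtime and also set in a sysctl file, since `sysctl -w` only changes the running kernel. The function names and the sample status lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage for the symptoms in this thread (hypothetical helper names).

# Constructed sample of `ipsec auto --status` lines, modelled on the question's output.
SAMPLE_STATUS='000 #1: "office":500 STATE_MAIN_I1 (sent MI1, expecting MR1); EVENT_v1_RETRANSMIT in 8s; nodpd; idle; import:admin initiate
000 #1: pending Phase 2 for "office" replacing #0
000 #3: "branch":500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 1500s; newest ISAKMP; nodpd'

# Names of connections still waiting for the peer's first Main Mode reply (MR1).
stuck_in_main_i1() {
    awk '/STATE_MAIN_I1/ && match($0, /"[^"]+"/) {
             print substr($0, RSTART + 1, RLENGTH - 2) }' | sort -u
}

# True when the runtime forwarding flag (the value `sysctl -w` changes) is 1.
forwarding_enabled() {
    f=${1:-/proc/sys/net/ipv4/ip_forward}
    [ -r "$f" ] && [ "$(tr -d '[:space:]' < "$f")" = "1" ]
}

# True when one of the given sysctl files sets the flag, so it survives a reboot.
forwarding_persisted() {
    grep -Eqs '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$@"
}

# Read status text on stdin; $1 = runtime flag file, remaining args = sysctl files.
triage() {
    flag=$1; shift
    for c in $(stuck_in_main_i1); do
        echo "conn $c: sent MI1, no MR1 yet (Phase 2 cannot start before Phase 1 completes)"
    done
    if ! forwarding_enabled "$flag"; then
        echo "ip_forward: off at runtime"
    elif ! forwarding_persisted "$@"; then
        echo "ip_forward: on now, but not set in the sysctl files checked"
    else
        echo "ip_forward: on and persisted"
    fi
}

# Demo run on the constructed sample; on a live host pipe in `ipsec auto --status` instead.
printf '%s\n' "$SAMPLE_STATUS" | triage /proc/sys/net/ipv4/ip_forward /etc/sysctl.conf /etc/sysctl.d/*.conf
```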

Quoted from: https://serverfault.com/questions/710089