Skip to main content
ssanga
Staff & Editor
ssanga
Staff & Editor
February 17, 2025

Technical Tip: IPsec Aggregate Interface Displays as DOWN When Member is a Dialup IPSec VPN Tunnel

  • February 17, 2025
  • 0 replies
  • 587 views
Description

This article describes an issue where the IPsec Aggregate interface incorrectly displays as DOWN under the Network -> Interfaces and Policy & Objects -> Firewall Policy pages in the GUI, despite the IPsec tunnel status being UP under the IPsec Tunnels page.
Scope

FortiGate v7.2.7, v7.2.8, v7.6.0.
Solution

Despite the IPsec tunnel status appearing as UP under the IPSec Tunnels page, the IPsec Aggregate interface may still incorrectly show as DOWN in the Network -> Interfaces and Policy & Objects -> Firewall Policy pages;


This is a GUI display issue that occurs only when the aggregate members are dial-up interfaces.

 

Aggr1.png


Aggr2.png

 

Aggr3.png


This issue has been resolved in FortiOS versions 7.4.8 and 7.6.1.

 

Workaround:

Verify the status of the tunnel under the VPN -> IPsec Tunnels page.

 

General debug information required by FortiGate TAC for investigation:

  1. TAC Report: 'execute tac report'.
  2. Configuration file of the FortiGate.
  3. Fortinet Support Tool data: Troubleshooting Tip: Collect GUI slowness and errors debugs via Fortinet Support Tool.
    Terms & ConditionsAccessibility statement