Configuring Automatic Failover for GRE over IPsec Tunnels on FortiGate

Forum|Forum|7 months ago
October 23, 2025
1 reply
511 views

Hello, I need your help.
I have a Fortigate 100F running firmware 7.4.7, and I have configured GRE over IPsec tunnels.
My networks are routed using static routes.

The problem is that when one tunnel goes down, the traffic still continues to flow through the main tunnel, so failover to the second tunnel does not occur.

Is there a way to configure something like a link monitor or any other mechanism so that when Tunnel1 goes down, it automatically switches to Tunnel2

Best answer by stmz

You can either use link-monitor to automatically disable the route when probes to specific ip fails or configure SD-WAN

https://docs.fortinet.com/document/fortigate/7.4.1/cli-reference/107620/config-system-link-monitor

stmzAnswer

Visitor III

You can either use link-monitor to automatically disable the route when probes to specific ip fails or configure SD-WAN

https://docs.fortinet.com/document/fortigate/7.4.1/cli-reference/107620/config-system-link-monitor

Liza1Author

Explorer II

thanks for your help

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded