JLopezM22
New Member
July 5, 2022
Solved

error - reverse path check fail, drop

  • July 5, 2022
  • 3 replies
  • 20593 views

Hi everyone

 

We're trying to connect 2 sites with an IPsec VPN. With the tunnel up and working, we have the following issue:

 

Scenario:

Trying to connect 192.168.0.102 --> 10.58.152.10

Having the following issue:

JLopezM22_0-1657024143582.png

 

Can anyone help, please?

3 replies

sagha
Staff
July 5, 2022

Hi, 

 

Please provide the output for the following: 

 

get router info routing-table details 192.168.0.102 

get router info routing-table details 10.58.152.10

 

Once you share these outputs, we can clarify what might be going wrong here.

 

Thank you. 

Shahan

 

JLopezM22
Author
New Member
July 5, 2022

 

Routing table for VRF=0
Routing entry for 192.168.0.0/22
Known via "connected", distance 0, metric 0, best
* is directly connected, VLAN-A.

 

FGT01 (root) ## get router info routing-table details 10.58.152.1

Routing table for VRF=0
Routing entry for 10.58.152.0/24
Known via "static", distance 10, metric 0
10.58.152.1, via port14

Routing entry for 10.58.152.0/24
Known via "connected", distance 0, metric 0, best
* is directly connected, port14

sagha
Staff
July 6, 2022

Hi, 

 

As you can see, there is no route for 192.168.0.102 via the IPsec interface, which is why you are seeing the reverse path check.

 

Routing table for VRF=0
Routing entry for 192.168.0.0/22
Known via "connected", distance 0, metric 0, best
* is directly connected, VLAN-A.

 

You are receiving the traffic from the IPsec source interface, and you should also have a route that points at the IPsec interface for 192.168.0.102.

 

Please add a static route and it should fix this. 

 

Thanks, 

Shahan
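
Added example, not part of the thread and not FortiOS code: a simplified Python model of the reverse path check described in the reply above, run against the best routes from the posted outputs. The tunnel interface name `ipsec-tun` and the two extra routes are constructed assumptions; the model treats every listed route as active and goes beyond the thread by also showing a strict (best-route-only) variant.

```python
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "prefix interface distance")

TUNNEL = "ipsec-tun"  # hypothetical tunnel interface name, not from the thread

# Best routes from the posted outputs.
BASE_TABLE = [
    Route(ipaddress.ip_network("192.168.0.0/22"), "VLAN-A", 0),
    Route(ipaddress.ip_network("10.58.152.0/24"), "port14", 0),
]

def covering(table, src):
    """All routes whose prefix contains the source address."""
    addr = ipaddress.ip_address(src)
    return [r for r in table if addr in r.prefix]

def best_route(table, src):
    """Longest prefix wins, then lowest administrative distance."""
    routes = covering(table, src)
    return min(routes, key=lambda r: (-r.prefix.prefixlen, r.distance)) if routes else None

def rpf_verdict(table, src, ingress, strict=False):
    """Feasible mode: any route back to src via ingress. Strict: the best one."""
    if strict:
        best = best_route(table, src)
        ok = best is not None and best.interface == ingress
    else:
        ok = any(r.interface == ingress for r in covering(table, src))
    return "accept" if ok else "reverse path check fail, drop"

def with_route(table, prefix, interface, distance=10):
    """Return a copy of the table with one extra (constructed) route."""
    return table + [Route(ipaddress.ip_network(prefix), interface, distance)]

if __name__ == "__main__":
    src = "192.168.0.102"
    print("as posted:", rpf_verdict(BASE_TABLE, src, TUNNEL))
    # Constructed routes: a host route and a wider prefix via the tunnel.
    host = with_route(BASE_TABLE, "192.168.0.102/32", TUNNEL)
    wide = with_route(BASE_TABLE, "192.168.0.0/16", TUNNEL)
    print("host route:", rpf_verdict(host, src, TUNNEL, strict=True))
    print("wide, feasible:", rpf_verdict(wide, src, TUNNEL))
    print("wide, strict:", rpf_verdict(wide, src, TUNNEL, strict=True))
```

With the table as posted, the only route covering 192.168.0.102 points at VLAN-A, so a packet with that source arriving on the tunnel fails the check in either mode.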

sagha
Staff
July 5, 2022

Hi, 

 

You can also check the following article for details: https://community.fortinet.com/t5/FortiGate/Technical-Note-Details-about-FortiOS-RPF-Reverse-Path-Forwarding/ta-p/190100


Thank you. 

Shahan

JLopezM22
Author, Answer
New Member
July 6, 2022

Finally solved restoring backup :)