FGT lost some IPSec connection

Forum|Forum|6 years ago
July 8, 2019
1 reply
3557 views

Over the weekend this occoured: a bunch of tunnel went down and refuse to come back up. I do not see any error in debug log. Just initiating the tunnel and sending dpd requests.

I've cleared all sessions in both directions on both sides for the corresponding remote gw

I flushed and resetted the tunnel and gatewayon both sides

with no effect.

All affected IPSec tunnels used to work fine until last weekend.

Does anyone have some advice?

Toshi_Esumi

SuperUser

Are you seeing those packets reaching the other end, vice versa? If a bunch of IPSecs suddenly went down, the first thing I would suspect Internet in-between, likely a specific carrier in a specific region.

m0j0

New Member

This may not be related to your issue, but this sort of thing happens to my home Fortigate every now and then. We have Fortigates spread throughout our offices and never have this issue. My home unit was an 80C but is now a 60D. I've upgraded software many times and still have this issue. Seems to be if I get a glitch in my connection, all my tunnels will drop and not come back again. I've tried restarting the ipsec process and all sorts of other things but have found the only solution is to reboot the firewall.

Here's the thing - the difference with my home unit to our offices is at home I have a VDSL router in bridge mode and I'm doing PPPoE on the Fortigate. Seems to be an issue with IPSec from a PPPoE interface. I've looked into this for a while and never found a solution so have just resorted to the reboot whenever needed solution.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded