FortiGate ADVPN Redundant tunnel traffic not working

Question

I have created ADVPN in one hub and two branches with two isp. my issue is one tunnel traffic all are working but when down active tunnel and all traffic going via this tunel but my issue is branch hub connectivity ok but branch to branch not ping.

Please see the below.

tracert with wokring traffic.png working with routing table.png not working routing.png not working tracert.png

funkylicious · Answer

from the prntscrn that you have posted, i assume that 192.168.40.0/24 is the network in spoke2 which is unreachable from spoke1.

based on the last output of the routing monitor, the route towards that destination is using the internet link of ISP1/port1 whereas before it was using the ipsec tunnel intf SP1BKTU.

i would look into the ipsec/bgp config for hub/spokes and see where the issue might be.

you could also have a look at https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/820072/advpn-with-bgp-as-the-routing-protocol

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded