Skip to main content
MustphaBassim
MustphaBassim
New Member
May 8, 2023
Solved

IPsec still up

  • May 8, 2023
  • 1 reply
  • 2252 views

Hello Dears

 

I have two IPsec tunnels one of them is main and the second is backup sometimes when an issue on main tunnel like phyiscal interface goes down it is not update on Firewall i meant when I go to see the tunnel traffic it is show me the tunnel is up and everything is ok while it must be down because the interface is down so anyone could help me on that ?

 

Best Regards

Best answer by srajeswaran

Please configure DPD , it monitors if the peer is up and then takes the action bring down/up the tunnel.

 

https://community.fortinet.com/t5/FortiClient/Technical-Tip-Configuring-DPD-dead-peer-detection-on-IPsec-VPN/ta-p/192616

1 reply

srajeswaran
Staff
srajeswaranAnswer
Staff
May 8, 2023

Please configure DPD , it monitors if the peer is up and then takes the action bring down/up the tunnel.

 

https://community.fortinet.com/t5/FortiClient/Technical-Tip-Configuring-DPD-dead-peer-detection-on-IPsec-VPN/ta-p/192616

MustphaBassim
MustphaBassimAuthor
New Member
May 8, 2023

Thnx dear for reply , in this case we need to enabe DPD with "On Demand" since we have traffic on it always ? is not it ?

srajeswaran
Staff
srajeswaran
Staff
May 8, 2023

Yeah, "on demand" should be enough.

Terms & ConditionsAccessibility statement