Packet loss about 3%, when pings pass between IPSec tunnel and physical port on 800C

Forum|Forum|7 years ago
April 5, 2019
0 replies
2957 views

I've been trying to figure out why I'm losing about 3% of my pings across a new IPSec tunnel.

Note: The pings are 100 bytes, with 1000 ms timeout. The remote Fortigate's port 4 is the gateway for the LAN at the remote site.

Here's what I've found.

[ul]

When I ping across the IPSec VPN to anything on the remote LAN, I have about 3% packet loss.

When I ping across the IPSec VPN to the Fortigate's IP address on the LAN interface, there is zero packet loss.

When I ping from the Fortigate's LAN interface to anything on the LAN, there is zero packet loss.[/ul]

The 800C is running version 5.2.4 (yes, I know it's old. corporate bureaucracy)

CPU utilization is under 10% on all four CPUs.

GF-FG800C-1 (root) # fnsysctl ifconfig port4 port4 Link encap:Ethernet HWaddr xx:xx:xx:xx:xx:xx:xx inet addr:10.4.32.18 Bcast:10.4.32.31 Mask:255.255.255.240 UP BROADCAST RUNNING PROMISC ALLMULTI MULTICAST MTU:1500 Metric:1 RX packets:5245303741 errors:0 dropped:0 overruns:0 frame:0 TX packets:8058790619 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:1554562707785 (1447.8 GB) TX bytes:8758638824464 (8157.1 GB)

I welcome anyone's input, as long as it doesn't start with, "I don't know anything about that, but..."

Thank you.

IPsec

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded