Hi all We have a tunnel setup between a fortigate and a meraki mx. The tunnel comes up and passes traffic but after a random amount of time, it will stop sending traffic to some subnets. Reseting the tunnel or device on either end fixes it temporarily until it happens again. All the settings match on both sides. I cant figure out whats going on. I am seeing no errors on the meraki side and the below error on the fortigate side which im not sure what it indicates: Cookiese57e0d29c3ede476/7f230159880aa305Local Port4500Outgoing InterfaceVPL079153-URemote IP Remote Port32238VPN TunnelVPNMessageIPsec phase 1 error OtherID7088791930900840453Time2022-04-20 21:53:08euid2epid2dsteuid2dstepid2logver604071911Log ID0101037124TypeeventSub TypevpnPeer NotificationPAYLOAD-MALFORMEDLog event original timestamp1650488015878473200Timezone+0000Alternate UserN/Adtime2022-04-20 20:53:35itime_t1650487988Device NameHA-111_FG3H0E

New Member

Question

Payload malformed - Fortigate to Meraki

Forum|Forum|4 years ago
April 20, 2022
1 reply
3970 views

Hi all

We have a tunnel setup between a fortigate and a meraki mx. The tunnel comes up and passes traffic but after a random amount of time, it will stop sending traffic to some subnets. Reseting the tunnel or device on either end fixes it temporarily until it happens again.

All the settings match on both sides. I cant figure out whats going on. I am seeing no errors on the meraki side and the below error on the fortigate side which im not sure what it indicates:

Cookies	e57e0d29c3ede476/7f230159880aa305
Local Port	4500
Outgoing Interface	VPL079153-U
Remote IP
Remote Port	32238
VPN Tunnel	VPN
Message	IPsec phase 1 error

Other

ID	7088791930900840453
Time	2022-04-20 21:53:08
euid	2
epid	2
dsteuid	2
dstepid	2
logver	604071911
Log ID	0101037124
Type	event
Sub Type	vpn
Peer Notification	PAYLOAD-MALFORMED
Log event original timestamp	1650488015878473200
Timezone	+0000
Alternate User	N/A
dtime	2022-04-20 20:53:35
itime_t	1650487988
Device Name	HA-111_FG3H0E

FortiGate

Megaman2

New Member

Hello,

I have the exact same issue. The VPN connection once in a while dies and the Fortigate spits out the same error as you show.

My issue this time showed up yesterday, and what i did to get the VPN up again was to remove the Private Subnets in the Meraki Portal, saved the config and then readded them.

Then i restarted the Tunnel in the Fortigate.

Meraki might be doing some sketchy stuff behind the scenes?

EshAuthor

New Member

I feel as though its got worse with some of the recent firmware updates.

Other

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded