Proxy ID in 0.0.0.0/0.0.0.0

Forum|Forum|17 years ago
April 6, 2009
1 reply
5007 views

Hi I have a Interface IPsec VPN configured in two Firewall Fortigate, the VPN is Ok an the traffic pass witout problems, but the VPN is unstable and when is down is very hard to make it up. The case is, in the monitor for the VPN the Proxy ID source and destination is in 0.0.0.0/0.0.0.0. is this normal???

rwpatterson

New Member

This is normal. If you know the IP subnets on either or both sides, you can narrow down the scope of the IP range. (192.168.254.0/24, for example) If you are using a routing protocol like OSPF or RIP, you need to use the 0.0.0.0 selectors. From the CLI, you can add the command

set auto-negotiate enable

in the phase 2 configuration. This will automatically bring the tunnel up if it drops without your intervention.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded