Dickie
New Member
October 16, 2014
Question

Unnumbered IPSec VPN Issues

Hi, we have an unnumbered IPSEC interface type VPN between a Juniper and Fortigate. It's been working fine for ages. Now when we do a traceroute from the Juniper end, the management interface on the Fortigate shows in the response as part of the route. This is playing havoc with various path monitoring devices (and we are getting random disconnects now). The thing is, this may have been introduced since the upgrade to 5.2.1 - is anyone else seeing this? Tech support says it's due to the index of the interface and we have to use numbered IPsec tunnels - but why now! TAC's response tells me that Fortigate effectively do not support unnumbered IPSEC interface tunnels as far as I am concerned.

    1 reply

    Dickie (Author)
    New Member
    October 16, 2014
    Further info - ticking the Dedicated Management Port makes no difference. So the Mgmt interface IS playing a role in the Firewall traffic. However, I found a fix - change the interface to DHCP and administratively down and it does not appear to play a part. (However, I am still concerned that traffic is passing through that interface) - at least it means I do not have to go and change all my unnumbered VPNs as TAC suggested.