Skip to main content
crti
crti
New Member
May 4, 2023
Question

VPN Problems

  • May 4, 2023
  • 2 replies
  • 1397 views

Is anyone else with this issue?

 

 

Captura de pantalla 2023-05-04 a la(s) 14.00.37.pngEven / Log VPN / 

 

 

2 replies

aionescu
Staff
aionescu
Staff
May 5, 2023

Hi @crti , welcome to the community.

Please find more info about that log at: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Explanation-of-Unknown-SPI-message-in-Event-log/ta-p/190530

rtichkule
Staff
rtichkule
Staff
May 7, 2023

Hello,
SPI is a value that is sent with every ESP packet, and is used as a means of matching incoming ESP packets to the correct IPsec tunnel on the VPN endpoint. 

 

Enabling DPD on both ends of the VPN can help in scenarios where one of the VPN endpoints temporarily disappears.

 

To enable Dead Peer Detection

1) Go to VPN -> IPSec Tunnels and select the VPN Tunnel to edit.

2) Select Edit for the Network settings.

3) Set Dead Peer Detection to either On Idle or On Demand.

4) Select OK.

 

 

Terms & ConditionsAccessibility statement