ipsec vpn tunnel: vpn interface turn up and down

tetsou · ‎02-21-2023

hello guys,

In my log event, i constantly notice vpn interface turn up and down for an IPSEC VPN tunnel a created 3 months ago. meanwhile the remote gateway address are static.

please reason for this ?

parteeksharma · ‎02-24-2023

Hi Tetsou,

As per the screenshot, it seems you configured link monitor for the vpn tunnel or you have enabled SDWAN. Link monitoring measures the health of links by sending probing signals to a server and measuring the link quality based on latency, jitter, and packet loss.

If the monitored interface status goes down or the ping server is not reachable, the default route is removed from the routing table and then interface status will change.

You can check the link monitor status using below command:
diagnose sys link-monitor status

For more details please check below link:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Link-monitor/ta-p/197504

Regards,
Parteek

aliayyazu6u7i7yvh · ‎03-04-2023

Go to VPN Manager > Monitor to view the list of IPsec VPN tunnels. You can also bring the tunnels up or down on this pane Select a specific community from the tree menu to show only that community's tunnels.

To bring tunnels up or down:

Go to VPN Manager > Monitor.
Find and select the tunnel or tunnels that you need to bring up or down in the list.
Click Bring Tunnel Up or Bring Tunnel Down from the toolbar or right-click menu
Select OK in the confirmation dialog box to apply the change.

ipsec vpn tunnel: vpn interface turn up and down

Nominate a Forum Post for Knowledge Article Creation

To bring tunnels up or down: