Description | This article shows how to fix the issue where SDWAN Performance SLA is down though the target server is ping-able. |
Scope | FortiGate SDWAN SLA. |
Solution |
FortiGate can still ping the target server. But the SLA is showing 'dead'.
Example: --- 10.100.2.210 ping statistics ---
# dia sys sdwan health-check TESTSLA
This is due to the SLA default probe timeout setting. If the probe (ping) timeout exceeds 500ms, SLA will be rendered the target host not reachable, thus the SLA status is 'dead'.
NOTE: This can be common for satellite network setup or high latency networks.
To solve the issue, edit the probe timeout setting in SLA.
# config sys sdwan edit TESTSLA <<=== SLA object name set probe-timeout 800 <-- unit in ms. default is 500 end end
After making the changes, the SLA status is 'Alive'.
# dia sys sdwan health-check TESTSLA
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.