Description | This article describes a scenario where the SD-WAN SLA probe fails due to the route bypassing the tunnel and going through the HUB-VPN instead, and how to troubleshoot and resolve the issue. |
Scope | FortiGate. |
Solution |
To troubleshoot the issue, follow these steps:
get router info bgp neighbors <neighbor_ip> advertised-routes | grep <route> get router info bgp neighbors <neighbor_ip> received-routes | grep <route>
Use the command to verify that the route is being installed in the routing table as follows:
get router info routing-table all | grep <route>
If the route is not being installed, check the BGP configuration to ensure that the next-hop-self option is enabled. To enable next-hop-self, use the commands as below:
config router bgp config neighbor set next-hop-self enable
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.