Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

2nd WAN Connection

I' m having a problem with connecting a second WAN connection WAN1 is an adsl connection WAN2 is supposed to be a cable connection Tried adding wan2 - blocks wan1 from getting out. No traffic in or out. Tried changing wan1 to cable connection, change network , routing, dns, and leaving adsl disconnected - still no go. not traffic gets through, can' t ping outside addresses. Put to normal (wan2 disconnected) and connected cable to an laptop to confirm connectivity, fixed ip address etc, no problem. The reason why for the second line is the adsl seems to interrupting my VPN tunnels. I want to split my 2 tunnels across two connections and have available an option if one connection goes down. Any ideas, anyone? (I think it' s probablyu going to be a firmware upgrade at least)
5 REPLIES 5
Not applicable

Does the ISP secure the MAC of your cable connection? Some ISP will lock the MAC of your laptop in this case. To change the MAC, you have to call ISP to renew.
Not applicable

no they don' t lock the MAC. Good idea though. Thanks for the reply.
Not applicable

can you check that the fortigate doesnt add a default route to your wan2 interface? That could disrupt internet connection on wan1 :-) BTW what is your problem with adsl and vpn disconnects? There is a bug in MR10 that disconnects VPN tunnels on key exchange if you have an underscore _ in your phase2 names...
Not applicable

No default routes added. I do have an underscore in the tunnel names, but why would they start having problems suddenly? - tunnel dropping started about two weks ago, before that, stable. My ISP claims no problems have been reported in our area and the two tunnels goto 2 different cities, but they both drop at same time. So either internet connection or fortigate I figure. haven' t upgraded the firmware lately, just virus updates.
Not applicable

I don' t know why it worked stable before... in our case each phase2 key exchange kills the tunnel. Not every application is affected by this, since the tunnel gets reestablished pretty soon. But some applications react pretty harsh on connections dropping for half a minute or so, as do our citrix terminal sessions. Did you perhaps just notice the drop of the tunnel two weeks ago due to the applications used? Perhaps you just didn' t notice earlier... Link to the thread about the problem: http://support.fortinet.com/forum/tm.asp?m=12833&p=2&tmode=1&smode=1 BTW one way to work around the problem if you can' t recreate the tunnels without the underscore in the name is to increase the keylife in phase2 to a value more suiting your needs. good luck!
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors