So in my lab I have a hub and 3 spokes. Each have 2 WAN ports. I am testing testing failover senarios, and that seems to be working. The issue is kind of weird though.
I have a computer connected to a spoke firewall and I set the computer it to ping the other 2 spokes (10.0.200.2 and 10.0.200.3(both are /32 subnets on a LoopBack interface). What I am seeing is when the computer is pinging only one of the spokes, everything is fine, but when I set the computer to ping both spokes at the same time, then I see shortcuts being created for one spoke, then delete and new shortcut created for the other spoke. It's like only one shortcut can be alive at one time.
It just keeps flopping like this.
So I am not sure if this is an IPSec issue or routing issue.
Any help understanding this would be appreciated.
Thank you.
So after running a debug flow I notice that the spokes I am pinging are losing routes back to where I am pinging from. Not sure how/why this happens like this. It loses the route, then finds again.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.