Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ralphian08
New Contributor

Exchange Server remote site randomly disconnected over the VPN everyday.

Hi

I have fortigate 100D and we've set-up site to site vpn to main branch 

These past few days our connection from main site is randomly disconnected and 

re-starting the firewall itself solved the issue.

 

Please help me...

3 REPLIES 3
Nihas
New Contributor

Hi ,

Which FOS are you using on the 100D box?

There are multiple reasons for the VPN disconnection issues , including bandwidth issues, box physical resource utilization ( Conservative mode) etc. 

Would you please share the basic idea about your network. So that others can effectively suggest you the resolutions.

 

Are you using the Site to Site for accessing only the exchange server?

What is the bandwidth and real time session count of your network?

Do you have created any other site to site VPN with the same ISP link ?

 

thanks

Nihas

 

 

 

 

 

Nihas [\b]
Nihas [\b]
rwpatterson
Valued Contributor III

Nihas wrote:

Hi ,

Which FOS are you using on the 100D box?

There are multiple reasons for the VPN disconnection issues , including bandwidth issues, box physical resource utilization ( Conservative mode) etc. 

Would you please share the basic idea about your network. So that others can effectively suggest you the resolutions.

 

Are you using the Site to Site for accessing only the exchange server?

What is the bandwidth and real time session count of your network?

Do you have created any other site to site VPN with the same ISP link ?

 

thanks

Nihas

Additionally:

What are the key lifetimes on the phase one and two settings?

Do they match at both ends?

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
ralphian08
New Contributor

Hi 

 

Yes we are using FOS 100D box.

The Site-to-Site Vpn from our brach to main site, setup by ISP team.

Fortigate -> ASA both key lifetime for IKE P1 and P2 are set to 8 hours (28800)

And i have setup another site-to-site vpn from our branch to hosting company.

Fortigate -> ASA both key lifetime for IKE P1 and P2 are set to 24 hours (86400) = Connection are fine.

This wasn't happening before and these past few days for the  whole week we always get disconnected which is so prostrating.

I also noticed in the VPN event log the status of tunnel from our branch to main site is constantly changing up and down every 10 or 15 minutes and im not really sure if this is normal. 

 

Thank you for your reply

Appreciated guyz.

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors