we use FortiGate at a lot of customers and monitor everything using PRTG Network Monitor (latest version 220.127.116.118).
I found out today that if I monitor traffic in IPsec site2site tunnels I get strange results.
Here is a concrete example.
FortiGate 100F (6.4.9). There is one IPsec tunnel on the WAN interface to the central FortiGate 200F (6.4.10). All traffic is routed to the IPsec tunnel, nothing passes to the internet directly through the WAN.
This graph is from the WAN interface:
and this graph is from an IPsec tunnel:
As you can see there is a huge difference.
But I am unable to determine when this monitoring problem started. I tried deleting and recreating the problematic sensors but that didn't fix the problem. I also tried using SNMPv3 instead of SNMPv2 and also no luck.
I always considered IPsec tunnels as a classic interface (and that's how the PRTG program also approached it) and it always worked.
Has anyone encountered a similar problem? Other interfaces (physical, vlans or SSL) are displayed correctly via SNMP.
And I also registered that if I view the IPsec tunnel widget on FGT, I only see one direction.