I have a FortiGate, I have 2 interfaces that connect to 2 different ISP/modems. When the primary ISP is down, the other is automatically used.
I have set up Email Alerts through Stitch using the trigger "Interface status changed"
I am able to receive email alerts if the interface is down (example: powering off the modem). But if there is no internet connection (example: due to ISP maintenance) I don't get any alert, because the interface is still up.
How do I receive alerts on lost connectivity for an interface?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @IronMan
Thanks for posting your query.
You wanted that alert mail should trigger when the link goes down but interface status is up.
So you can configure the link-monitor for the interface and when the target server is not reachable it will detect the WAN link as dead and as per the automation stitch the mail will be triggered.
Kindly refer the below document
Hi@IronMan ,
Please refer to the below article and check if it this is what you're asking:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-E-mail-alert-when-WAN-interface-went-down/...
Best Regards,
Abhimanyu
No. That is something I already have. I already have an alert to notify me when an interface is down. I need an alert when there is no internet connection. An interface can be up even when there is no internet connection.
Hi @IronMan
Thanks for posting your query.
You wanted that alert mail should trigger when the link goes down but interface status is up.
So you can configure the link-monitor for the interface and when the target server is not reachable it will detect the WAN link as dead and as per the automation stitch the mail will be triggered.
Kindly refer the below document
I've almost got it to work. The link-monitor part is done.
Now I'm trying to set the trigger to filter between link alive and link dead but the filter message is too long. The system allows only 63 characters but the actual message is 86 characters.
msg="Link monitor state is changed from 0 to 1, please check if this triggers HA failover.":
Any way to bypasss the character limit or other workaround?
Found a workaround.
For alert on link failure use the trigger "Link Monitor Status Warning"
For alert on link restored use the trigger "Link Monitor Status"
This works:
Failure -
Link Monitor Status Warning
Link Monitor changed state from alive to dead, protocol: ping.
Restored status -
Link Monitor Status
Link Monitor changed state from dead to alive, protocol: ping.
Hello,
You could configure the Link Monitor and automation stitch if you have SDWAN
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Link-monitor/ta-p/197504
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1529 | |
1027 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.