- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to know ISP drops
Hello,
Is there a way to know when any Internet connecion stopped working with the default settings?
Can I do anything to know this?
I have FortiOS 6.2.2 in this Fortigate 60E, there is one SD-WAN with 1 performance sla for each wan, I can see if the wan is up or down in real time but I dont know how to check the history
Regards,
Damián
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good question. In addition to keeping history of the ISP outage, I would like to know how to receive a notification when this happens. Does anyone know how this can be accomplished?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
this might require FAZ under event trigger.
Fortigate Newbie
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In FortiCloud, FortiGate Cloud GLOBAL, there is an option under Analysis / Event Management, to turn of a notification for Interface Down. Would this notify if the ISP was down?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The problem with interface down is there is rarely a situation where that happens. Normally the interface is up, indication just a physical connection, but the traffic doesn't get out. Interface down doesn't help in that scenario.
If you setup a link monitor you could accomplish this. If you are already using SDWAN you should have determined a link monitor anyways, in which case you simply need to create an Automation Stitch.. if you aren't using SDWAN already you can manually create a link monitor.
config system link-monitor
edit 1
set srcintf wan1
set server 8.8.8.8 1.1.1.1 -- or whatever it is you want to use to determine an outage
set update-static-route disable -- disable if you only have 1 WAN, enable is used to failover to secondary
end
This will allow you to generate a log entry when the targets defined in the server part are unreachable. You can then create an automation stitch(under Security Fabric > Automation) to email you when this event is triggered. Though, obviously you would only get the email after the fact if you don't have a secondary line.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Brycemd,
Do you know which event we need to monitor?
I am showing 3 possibilities
interface link status change <-- i dont think this one applies as we are not shutting down the interface
link monitor sla information
and link monitor status. <-- I assume this is the entry that I am monitoring.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks brycemd for your answer this seems useful, I need more time to test this
Regards,
Damián