One of my customers is running an IPSEC tunnel between their FG and a vendor's system. I do not know what the remote side is running. Starting last week, the tunnel has been dropping for unknown reasons. Neither of us shows a reason in our logs. I haven't gotten beyond teir 1 on their end but that person chats with 2 or 3. It was a worthless call. Our side simply reports phase 2 down. It may come back up on its own within a few hours or it may stay down until one of us restarts it. After the phase 2 down message, there are no failure messages between there and the restart. I suspect Spectrum may be having issues and causing the drop but can't prove anything yet. All I have to do is hit bring up and it immediately comes back up. There's no issue to troubleshoot. But here's what I really need: Why doesn't the tunnel immediately try to come back up on its own? How do I get it to begin to renegotiate as soon as it detects it went down? I'm running 5.6.13.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.