I'm trying to set up a hub and spoke ipsec environment. However, I am currently getting the following error:
Starting log (Run on device)
Start installing
gen $ config router static
gen (static) $ edit 2
gen (2) $ set device "HUB1-VPN1"
gen (2) $ set comment "VPN: HUB1-VPN1 [Created by IPSEC Template]"
gen (2) $ set dstaddr "HUB1-VPN1_remote_subnet_1"
gen (2) $ next
gen (static) $ edit 3
gen (3) $ set distance 254
gen (3) $ set comment "VPN: HUB1-VPN1 [Created by IPSEC Template]"
gen (3) $ set blackhole enable
gen (3) $ set dstaddr "HUB1-VPN1_remote_subnet_1"
gen (3) $ next
The blackhole route conflicts with the gateway of SD-WAN member 1, gen (static) $ end
---> generating verification report
(vdom root: router static 3:vrf)
remote original: 0
to be installed:
<--- done generating verification report
------- Start to retry --------
gen $ config router static
gen (static) $ edit 3
gen (3) $ unset vrf
gen (3) $ next
The blackhole route conflicts with the gateway of SD-WAN member 1, gen (static) $ end
---> generating verification report
(vdom root: router static 3:vrf)
remote original: 0
to be installed:
<--- done generating verification report
install failed
The Fortimanager tries to delete vrf from the blackhole routing rule:
config router static
edit 3
unset vrf
next
end
does anyone have an idea how I can solve the problem without setting routing to manual?
regards,
Kevin
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Kevin,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello Kevin,
Did you try to have a look in our documentation:
Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1643 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.