Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
DirkDuesentrieb
New Contributor

IPSEC Tunnel goes down after scheduled Fortiguard update

Hi,

we are having a strange VPN problem with one IPSEC tunnel of a remote site. All other sites work fine. But this 200F sometimes looses VPN connectivity directly after a scheduled FortiGuard update. This can be seen in the sites eventlog, where the FAZ connection through the tunnel is lost seconds after the update message. The phase2 seems to be broken at that time and the tunnel finally recovers after more than an hour and the FAZ is reachable again. 

 

event log.png

 

There is nothing special at this site and all gatways use the same FOS7.0.15.
Have you seen this or have any ideas?

Regards,

Dirk

2 REPLIES 2
hbac
Staff
Staff

Hi @DirkDuesentrieb,

 

Have you seen high CPU/Memory at that time? You can run this command 'di deb crashlog read' to see if there was any crash.

 

Regards, 

DirkDuesentrieb

Hi @hbac 
the central SNMP monitoring has a gap during that time, because it needs the tunnel to poll data, so I need to improvise here.
- The local eventlog writes perfmon data every 5 minutes; all with "CPU: 0".
- The "Memory"-widget shows data of the last 24 hours and has no peaks

I found a dump of the dhcpd in the crashlog, but this is unrelated to the event.

Dirk

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors