Hello,
I am definitely lost and need help if possible.
Have two FGs connected by IPSec tunnel:
All traffic runs smoothly, but when I transfer a bigger file (50MB for example) via SMB on a Windows server from site A to site B, it runs for a few seconds and then I see that communication between these two sites is interrupted - all devices on site A are down.
The interruption usually lasts 3-4 pings and then it comes back.
I also tried to ping 8.8.8.8 from site A during the interruption and it was working properly. To me that means connectivity is good, but the VPN has some problems. Unfortunately, I do not see any errors in the VPN events.
During the interruption I tried to ping site B from another site and it is working properly.
Do you have any ideas how to find the reason for this issue?
I already tried to switch off all UTMs between both sites.
Thank you so much, Michal
Hi Fikusir
Please try to follow the link below to troubleshoot the issue with the IPsec tunnel:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Troubleshooting-IPsec-VPN-tunnel-errors-wi...
Regards
Vishal P
Seems to be good to me
Diagnose A)
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1406 Metric:1
RX packets:1042134 errors:0 dropped:0 overruns:0 frame:0
TX packets:1096519 errors:1 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:938168424 (894.7 MB) TX bytes:784801561 (748.4 MB)
Diagnose B)
if=SESTO_PRAGUE family=00 type=768 index=17 mtu=1406 link=0 master=0
ref=53 state=start present fw_flags=0 flags=up p2p run noarp multicast
Qdisc=noqueue
stat: rxp=1043481 txp=1098022 rxb=938569924 txb=785086536 rxe=0 txe=1 rxd=0 txd=0 mc=0 collision=0
re: rxl=0 rxo=0 rxc=0 rxf=0 rxfi=0 rxm=0
te: txa=0 txc=0 txfi=0 txh=0 txw=0
misc rxc=0 txc=0
input_type=0 state=3 arp_entry=0 refcnt=53
Hi,
I would focus on ESP (UDP/4500) communication when this is happening. I had an experience with a very similar problem: the tunnel was working fine, but as soon as a larger file started to be transferred, it got disconnected. I would check whether you are receiving packets on both ends (encrypted packets). In my case, there was DDoS protection in one of the customer's DCs that was triggered by the higher volume of packets.