Hello Dears
I have two IPsec tunnels one of them is main and the second is backup sometimes when an issue on main tunnel like phyiscal interface goes down it is not update on Firewall i meant when I go to see the tunnel traffic it is show me the tunnel is up and everything is ok while it must be down because the interface is down so anyone could help me on that ?
Best Regards
Solved! Go to Solution.
Please configure DPD , it monitors if the peer is up and then takes the action bring down/up the tunnel.
Please configure DPD , it monitors if the peer is up and then takes the action bring down/up the tunnel.
Thnx dear for reply , in this case we need to enabe DPD with "On Demand" since we have traffic on it always ? is not it ?
Yeah, "on demand" should be enough.
thnx for your kind support , one more ask plz is the change of the confiugration on it would impact on IPsec tunnel it is need to be down ?
If the peer end don't respond to the dpd, it may bring down the tunnel, so I would recommend it enabling during non-peak hours to make sure the impact is minimal (very unlikely).
Ok dear thnx for your kind support
User | Count |
---|---|
2674 | |
1410 | |
810 | |
702 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.