Hi,
I have in "Automation" configured event "Link Monitor Event" with action email notification, now I have multiple ipsec tunnels with performance sla applied, these tunnel often turn off / tur on but I never get any email notification. Email service is working for sure. How to troubleshoot this?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Can you show details of your Automation trigger?
show system automation-trigger <TRIGGER_NAME>
FGT # show system automation-trigger Link\ Monitor\ Status
config system automation-trigger
edit "Link Monitor Status"
set event-type event-log
set logid 22922
next
end
FGT # show system automation-trigger Network\ Down
config system automation-trigger
edit "Network Down"
set event-type event-log
set logid 20099
config fields
edit 1
set name "status"
set value "DOWN"
next
end
next
end
AFAIK the link down log ID 22922 is for physical links.
You may want to look at log id 0101037138 instead for monitoring your IPSec tunnels. More info here: https://docs.fortinet.com/document/fortigate/7.2.3/administration-guide/834425/understanding-vpn-rel...
Created on 12-13-2022 11:10 AM Edited on 12-13-2022 11:10 AM
I need to have sd-wan IPsec interfaces notification when they are down, what options in fortigate I have to achieve this?
Create a new trigger based on the IPSec log ID i posted above. And then create a new stitch based on that trigger. Similar to what you have now for Network Down / link monitor.
I have tried to configure trigger with your login but then I get error:
FGT (automation-trigger) # edit Ipsec\ VPN\ tunnel\ down
FGT (Ipsec VPN tunnel~own) # set logid 0101037138
The logid value 101037138 must be in the range of 1-65535.
value parse error before '0101037138'
Command fail. Return code -61
Hi,
Try:
23101 - LOG_ID_IPSEC_TUNNEL_UP
23102 - LOG_ID_IPSEC_TUNNEL_DOWN
Created on 12-15-2022 02:31 AM Edited on 12-15-2022 02:32 AM
Hi,
yes I have this configured
edit "Ipsec VPN tunnel down"
set event-type event-log
set logid 23102
next
but I don't get any email notifications.
Created on 12-15-2022 02:34 AM Edited on 12-15-2022 02:34 AM
Hi,
Can you please post a sanitized log w/ all the details, that you see on the FGT when the tunnel is down?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1518 | |
1018 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.