Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Tutek
Contributor

Created on ‎12-12-2022 01:40 AM

Link monitor status do not work

Hi,

I have in "Automation" configured event "Link Monitor Event" with action email notification, now I have multiple ipsec tunnels with performance sla applied, these tunnel often turn off / tur on but I never get any email notification. Email service is working for sure. How to troubleshoot this?

Labels:
1560
0 Kudos
18 REPLIES 18
Tutek
Contributor
In response to funkylicious

Created on ‎12-15-2022 02:41 AM Edited on ‎12-15-2022 02:42 AM

Hi I have only logs from today morning concerns Network down, I don't know if this is related to ipsec:

Tutek_0-1671100864790.png

For sure I had today ipsec tunnels disconnected.

what command use to list log for ipsec connection down?

484
0 Kudos
funkylicious
Contributor III
In response to Tutek

Created on ‎12-15-2022 02:53 AM

You can view from : Log & Report > Events > VPN Events and there identify the IPsec tunnel in question , another option would be from CLI but that's a little too much right now.

geek
geek
483
0 Kudos
Tutek
Contributor
In response to funkylicious

Created on ‎12-15-2022 03:24 AM

I see in log that tunnel disconnects, but don't know why:

Tutek_0-1671103278107.png

 

ESP error like: Received ESP Packet with unknown SPI.

 

 

477
0 Kudos
funkylicious
Contributor III
In response to Tutek

Created on ‎12-15-2022 04:26 AM

Well, here it's not really an issue with the IPsec tunnel but rather a phase2 one, so in this case the trigger would not have worked.

You would need to investigate those P2 settings at both ends to match.

geek
geek
474
0 Kudos
Tutek
Contributor
In response to funkylicious

Created on ‎12-15-2022 04:28 AM Edited on ‎12-15-2022 04:29 AM

they are configured at both ends using fortigate sd-wan vpn wizard, so they are the same.

473
0 Kudos
Tutek
Contributor

Created on ‎12-14-2022 05:39 AM

how could i manually trigger an event because I have some events in column "last trigger time" but I never get any emails from Fortigate?

508
0 Kudos
gfleming
Staff
Staff
In response to Tutek

Created on ‎12-14-2022 10:18 AM

You could create a stitch that uses a schedule trigger and just set the schedule for a few minutes in the future...

Cheers,
Graham
504
0 Kudos
Tutek
Contributor

Created on ‎12-15-2022 12:48 AM Edited on ‎12-15-2022 01:06 AM

How could I do this?

Tutek_0-1671094044038.png

as you can see "Network down event" was triggered today at 4 AM but I didn't get any email notification.

If I do FGT # diagnose log alertmail test

then I get alert mail so email server is configured properly.

491
0 Kudos
gfleming
Staff
Staff
In response to Tutek

Created on ‎12-15-2022 07:10 AM

See here for schedule triggers: https://docs.fortinet.com/document/fortigate/7.2.3/administration-guide/453129/schedule-trigger

 

Are you using default notification.fortinet.net SMTP server or another server?

Cheers,
Graham
468
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.