Network connection drop at branch loaction after main site fortigate goes down

AllfatherOdin · ‎08-05-2021

Hi All,

I am new to the fortigate worls, I inherited a system from a previous sys admin at my current job. We have a bunch of branch sites but when the main fortigate goes down at out corp location from say a power outage one of our sites also loses internet connectivity even though they are all hooked up and have their own internet connection obviously. I am figuring it must be some little setting in the routing of the vpn but I am just unsure of where to go hunting for this. I am comparing the tunnels and addresses/policies but almost everything seems to be configured mostly the same on the trouble site as all the rest. If anyone has any ideas that would be great and I would appreciate it.

Thanks

sw2090 · ‎07-07-2023

you could use flow trace on cli of that site's Fortigate to see what it does with the traffic:

diag debug enable

diag debug flow filter clear

diag debug flow filter <option> (without option it lists all availble options)

(you can use this command for several time to set more then one filter)

diag debug flow trace start <numberofpacketstotrace> (use 50 or 100 but not over 10000)

then create some traffic matching your filters and see what happens to it on cli....

--

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

Network connection drop at branch loaction after main site fortigate goes down

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website