Problem FortiGate SD-WAN via IPSec Tunnel

achref · ‎06-22-2021

Dear all,

i have a problem with the tunnel ipsec i create an sdwan via tunnels between two fortigate (for each interface one tunnel but both tunnels in the some sdwan zone)

i can't ping from the fortigate to device that exicte after the other fortigate

i can ping to the ip of tunnel from each device

ip Tunnels: 10.11.11.11 and 10.21.21.21

under the port 1 i have an tunnel T1S1

under the port 2 i have an tunnel T2S1

please anyone can help !!

confige bellow (i am worked just with Site1 ( T1S1 and T2S):

edit "T1S1" set vdom "root" set ip 10.11.11.11 255.255.255.255 set allowaccess ping set type tunnel set remote-ip 10.254.151.100 255.255.255.128 set role wan set snmp-index 10 set interface "port1" next edit "T2S1" set vdom "root" set ip 10.21.21.21 255.255.255.255 set allowaccess ping set type tunnel set remote-ip 10.254.21.100 255.255.255.0 set snmp-index 11 set interface "port2" next

patelr · ‎08-02-2024

Hello @achref,

Have you tried setting up source-ip for Performance SLA ?
Please review https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-source-IP-for-Secure-SD-W...

Thank you,
Ronak Patel

mikaljohn05 · ‎08-02-2024

It is like you might need to check the routing and firewall policies. Make sure you have proper static routes and that the firewall policies allow the traffic through the IPSec tunnels. Double-check your SD-WAN rules to ensure Explore Now they are correctly set up to route traffic between the tunnels. If the problem persists, reviewing the logs for any dropped packets can provide more insights.

Problem FortiGate SD-WAN via IPSec Tunnel

Nominate a Forum Post for Knowledge Article Creation