Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MotorOil
New Contributor

Progress IPsec Phase 2 Failure

We are running a 800C and are getting a IPsec Phase 2 error every hour (Key Lifetime set to 3600 on both ends).  Build v5.2.1,build618

 

Our connection is in-house to Amazon's data center (VPC connection for those familiar).  We have been able to duplicate the error on a test connection and have tried several settings to make it go away.  Turning off DPD, extending key lifetime (not adjustable on Amazon's end). 

10 REPLIES 10
GR

Hi All, I know this is an old thread but I've been looking into this too (I'm relatively new to FortiGates). From FortiOS v6.4 onwards there's a new setting "set session-ttl never" that may assist with this issue; perhaps worth a try?

 

Source:

https://docs.fortinet.com...069/no-session-timeout

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors