Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RolandBaumgaertner72
New Contributor II

SD WAN Problems, main Interface down after 24h

Hi,

 

I have some really strange things going on with SD WAN and FG30E (6.2.15). I dont really know when it happened but for some weeks now (mayber after the update to 6.2.15) the main WAN interface of the SD WAN is DOWN at around 8:15 every morning. It cant be a problem of the router, we chaecked that, also after a reboot the SD WAN works again for aprox 24h without any problems.

 

The SD WAN is configured so that the main WAN1 has Prio 1 and the WAN2 (only backup) has Prio 2. The SDWAN Rule #1 is only for the main WAN1 and the SDWAN Rule#2 is with the backup over both WANS with best quality and package loss.

 

I really dont understant what causes the problem.

 

Thanks!

5 REPLIES 5
jintrah_FTNT
Staff
Staff

Hi,

 

Were you able to check the health check status of wan1 during the time of issue? Are there any event logs generated? Could you please collect the output of the below command

diagnose sys virtual-wan-link health-check
diagnose sys virtual-wan-link member

 

Best regards,

Jin

RolandBaumgaertner72

Hi,

 

it only happens in the morning and usaully they directly restart the FG. In these moments I could not even ping the gateway router.

 

XXX # diagnose sys virtual-wan-link health-check
Health Check(Ping Check):
Seq(1): state(alive), packet-loss(0.000%) latency(54.496), jitter(0.417) sla_map=0x0
Seq(2): state(alive), packet-loss(0.000%) latency(8.842), jitter(3.003) sla_map=0x0

XXXX # diagnose sys virtual-wan-link member
Member(2): interface: wan, gateway: 91.126.214.1, priority: 0, weight: 75
Member(1): interface: lan4, gateway: 192.168.0.1, priority: 0, weight: 1

 

Thanks

jintrah_FTNT

Hi,

Is this command outcome taken at the morning during time of issue? As the health check shows no packet loss to pings, I suppose this is taken when in a working/normal scenario, or else we should see ping packet loss reported on the system, the same time when you tried pinging the gateway router that failed.

 

Best regards,

Jin

RolandBaumgaertner72
New Contributor II

Hi,

 

yes this was after. When the problem occurs I get the WAN1 down and health check and everything fails.

 

Any idea? How is it possible that the FG looses connection to the WAN after x hours and after the  reboot everything works fine again.

 

Thanks

hbac

Hi @RolandBaumgaertner72,

 

When it happens, please try to ping the default gateway of WAN1. Replace x.x.x.x with the default gateway IP address. Also check the arp and routing table:

 

exec ping-options interface WAN1

exec ping x.x.x.x 

get system arp 

get router info routing-table database 

 

Regards, 

Top Kudoed Authors