- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SYSLOG --- Overlay Controller VPN server communication error
Hello:
The following syslog is being generated a lot on my FGT-1000D, and I'd like to make it stop. I'm not using Overlay Controller VPN's. Can somebody shed some light on what I need to do, to stop the communication which is apparently generating these logs?
date=2020-04-24 time=15:33:13 devname="NPU-FGT1000D-FW1" devid="FGT1KDxxxxxxxxxx" logid="0101053103" type="event" subtype="vpn" level="error" vd="root" eventtime=1587756793216377234 tz="-0400" logdesc="Overlay Controller VPN server communication error" msg="Overlay Controller VPN communication error (Unregister)" status="failure"
This is a FGT-1000D - v6.4.0 build1579 (GA)
Thank you.
[style="background-color: #ffff00;"]Update 04/28/2020:[/style]
Case has been opened with support. We'll see what they have to say.
OCVPN is disabled, yet the firewall is still trying to send some sort of registration messages. A "diag vpn ocvpn log" will show you what I mean, if this is happening to you.
OCVPN disabled in CLI and GUI.
[left]XXX-FGT1000D-FW1 (ocvpn) # get [style="background-color: #ffff00;"]status : disable[/style] role : spoke multipath : enable sdwan : disable wan-interface : "portA" overlays: auto-discovery : disable poll-interval : 30[/left]
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It sounds like there is a lot of information missing. it is hard to guess the right solution just from little info. However below are few links I would start with:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/496884/overlay-controller-vpn-ocvpn
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @jbrule
same situation here with fortigate 60e with latest firmware.
OCVPN disabled in CLI and GUI but produce a lot of notification .
u have some news?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Raffaele
Opened a case with support. They kicked it up to developers. Looks like a bug.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Support provided the following workaround, and it does resolve the issue. Root cause to be addressed in future release.
Enter the following commands:
config vpn ocvpn unset ha-alias end
Note: If you are running VDOMS, this should be run in each vdom.