Hi all,
I need urgent assistance. We've had a site-to-site tunnel configured with a client for a while.
Our end was using a Fortigate 600C on firmware 5.4.4 and they were using an ASA 5520 series.
In this setup everything worked fine.
We've recently replaced our Fortigate 600C with a Fortigate 900D. The new firewall runs on firmware 5.6.2.
We've built the whole config from scratch and everything works.
The site-to-site tunnel is online, but we're experiencing problems on our end.
We have 4 subnets allowed in the tunnel:
1. 172.30.80.0/22
2. 172.30.140.0/22
3. 172.27.90.0/22
4. 172.30.50.0/23
The remote location is constantly connected with a host in local subnet 3. Local subnets 1, 2 and 4 aren't able to reach the remote hosts unless the remote location first pings a host in the respective local subnet.
If the connection is idle for some time, then local subnets 1, 2 and 4 fail to connect to the remote host again, unless the remote host pings the respective subnets.
What could be the problem? Is it a known bug in firmware 5.6.2?