Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
g3rman
New Contributor

Survivable Sessions with multiple VPN Tunnels

We have 2 VPN dialup tunnels setup from a remote office to our data center.

Routing is dynamic via OSPF and working correctly.

We do have a number of very long lived connections (such as Remote Desktop sessions, SSH and other for example) that break whenever the firewall switches from the primary to the secondary VPN tunnel due to the WAN1 interface going down.

 

In the past we had Cisco DMVPN routers setup which are non-stateful and therefore the sessions would automatically resume across a different path. Now with the stateful Fortinets in place this is becoming more of an issue.

Yes, the primary circuit is somewhat unstable, but there isn't anything we can do about it at the moment.

 

I'm wondering if other people have come across the same situation and how it was resolved.

A Real World Fortinet Guide Configuration Examples & Frequently Asked Questions http://firewallguru.blogspot.com
A Real World Fortinet Guide Configuration Examples & Frequently Asked Questions http://firewallguru.blogspot.com
1 REPLY 1
bommi
Contributor III

I am not aware of any other solution than converting your fortigate into an stateless firewall:

 

http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-networking-54/Interfaces/VLANs/Asymme...

NSE 4/5/7

NSE 4/5/7
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors