Is anyone else with this issue?
Even / Log VPN /
Hi @crti , welcome to the community.
Please find more info about that log at: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Explanation-of-Unknown-SPI-message-in-Even...
Hello,SPI is a value that is sent with every ESP packet, and is used as a means of matching incoming ESP packets to the correct IPsec tunnel on the VPN endpoint.
Enabling DPD on both ends of the VPN can help in scenarios where one of the VPN endpoints temporarily disappears.
To enable Dead Peer Detection
1) Go to VPN -> IPSec Tunnels and select the VPN Tunnel to edit.
2) Select Edit for the Network settings.
3) Set Dead Peer Detection to either On Idle or On Demand.
4) Select OK.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.