Dears,
Good Morning, Evening, Afternoon.
we have vpn site to site when it goes down [phase1 & phase2] and we try to ping it up it doesn't goes up until we issue these commands,
"diagnose vpn ike restart"
"diagnose vpn ike gateway clear"
we phase this behavior in only this vpn other site2site can be bring up normally.
and we do set Auto-negotiate on it.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Here is a guide to follow for troubleshooting an ipsec tunnel:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Troubleshooting-IPsec-VPNs/ta-p/195955
For bringing IPSEC tunnel, you can follow this article:
If its still not coming up please collect below logs
diag vpn ike log-filter dst-addr4 a.b.c.d (where a.b.c.d is the remote gateway ip)
diag debug application ike -1
diag debug enable
Please collect the below logs and share it with us
Dears,
Thanks for replay, I really appreciate it.
the vpn is working find right now the problem appears when it goes done.
I will share the logs as soon as it goes done, its a production environment and I can not do that deliberately.
Thanks a gain.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1561 | |
1034 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.