Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

[get vpn ipsec tunnel summary] tx error count

While checking the tunnel status, it was confirmed that the tx error value steadily increased.
I wonder why you get these symptoms.
And is there a separate command that can only clear the corresponding error value?



수정카운터 증가값 관련.png



Txe error count can be caused by the following reasons:


- Attempting to send traffic when no IPsec SA has not been negotiated.

- Attempting to send traffic when there is no route to the gateway IP.

- Attempting to send traffic on an IPsec SA that is dead/expired.

- No memory available to add the IPsec header onto the egress packet.


The txe error can also count up if there are phase 2 selectors, and then try to ping a destination not allowed by the selector.

The txe error count will then increment by one for every ping.


Else, drops could be due to large size packets.


For more info please check this link:

IPsec VPN tunnel errors due to traffic no... - Fortinet Community

Top Kudoed Authors