I opened a case today but would love to bounce this off the community. I have a 601f (7.0.11) that is the hub of my network. It currently has several site to site tunnels to my offices and I am adding a dial up hub for my stores. When the spoke builds phase 2 the hub stops being able to pass traffic across any site to site tunnel. The bizarre piece is that the tunnels show up and events aren't generated showing the tunnels dropping. I can't even ping across them on the directly connected IP. There is nothing weird in the routing table either. As soon as I disable the dial up tunnel on the spoke side connectivity restores on all of my site to site tunnels. Is there some kind of limitation where you can't have site to site and dial up tunnels on the same firewall?
Hi,
As you mentioned "events are generated showing the tunnels dropping", we need to check those or debugs to check why we are seeing drops.
Sorry, I mistyped after a very long working day. The tunnels "aren't dropping"; I edited my original post to reflect as much.
Copyright 2024 Fortinet, Inc. All Rights Reserved.