Hi, I have a Fortigate 91G and created an IPSEC site to site tunnel to a
firewall of an external partner with preshared key (I think Cisco
Firewall but info is not disclosed). The tunnel drops from time to time
- there is no pattern why. It reconnects ...
It is resolved by now! After I tried many things to resolve this, one of
these has fixed it:
1. My best guess is I disabled NAT-T on the IPSEC tunnel's network
settings as there was also a SNAT configured in Central SNAT and I think
it interfered.
2. ...
Hi Aman, tunnel is still flapping after DPD settings. I can't disable
Replay Detection on the other side, because it's a global Cisco setting
there and they will not change it because it affects more than 300
connections of the partner: crypto ipsec se...
Hi kaman, I changed the dpd settings to "on-idle" in phase1 and collected
another log. I think there is an SPI mismatch, but our technical contact
for the other side's firewall insists that the settings we did (Replay
Detection, PFS, auto-negotiate, aut...
Thanks for your reply, kaman. Attached are debug logs and VPN Event
logs, one time filtered what happens before and after the tunnel drops.
Debug logs say:
received informational request
processing notify type INVALID_SPI
malformed payload (spi_size=0 !...