Hi,I have a SonicWall NSA (site A) connected to Fortigate (site B) with
IPSec Tunnel. Site A sends ping probes over the tunnel interface to site
B's WAN IP. The Sonicwall configures implicit probes when configurating
the IPSec tunnels in virtual SD-W...
Hi,I have a remote site A (SonicWall NSA) connected to site B
(FortiGate) with IPSec tunnel. Site A is sending load balancing probes
(over the tunnel) to site B, but it's targeting the WAN interface IP of
site A. Traffic arrives on my tunnel interfac...
Hi All, I have two custom IPSec tunnels setup on FortiGate from same
local WAN interface connecting to remote site on different WAN
interfaces. The first tunnel is up and running without issues, but the
second tunnel shows inactive and show now activ...
Hi Jean-Phillipe, There is one flaw with my solution. The static routes
are now also routing my HTTPS management traffic to the IPSec tunnel
interface. I removed the static route and tried using a policy route for
ICMP traffic only, but the policy ro...
Hi,Managed to resolve this issue in the following way: 1. Enabled Ping
on WAN interface 2. Configure allow local-in policy to allow ping to WAN
interface from within the Fortigate. Source address is the remote WAN on
the other side of the IPsec tunne...
Hi Toshi, one would hope that the auto created probes will target the
remote tunnel interface 10.0.0.1 but it targets the remote gateway (WAN)
IP, don't know why though.
Sonicwall's "SD-WAN" / Virtual IPSec tunnel group probes cannot be
modified; it probes the remote side public interface IPs through each
respective tunnel in the group. Not sure why though; for individual
tunnels the probes can be customized.
