DescriptionThis article describes how gateway detect works in FortiOS.
ScopeFortiOS v4.3, v5.0SolutionFGT--port1-----ISP--------Ping-Server
8.8.8.8Configuration:FG300B-2 # show router gwdetectconfig router
gwdetect edit 1 set interface "port1" set se...
possible reason: 'ifindex=2 in the ike debug' is where the ike packet
are recieved from vpn dailoer. check if wan2 index is 2. diag netlink
interface list you will see index=x for wan2 in the output.
hi, your issue would require troubleshooting, you may open a suport
ticket with following cmds output while issue occur: diag debug app
sslvpn -1diag debug enable diag sys top 3 99 diag debug report
thanks,Rewanta
Hi, You can rely on ike dpd (dead peer detection feautre) feature to
kick in the vpn failover to third link. make sure 3rd vpn static route
is configured with higher AD than first 2 vpn routes. in this case if
the first 2 vpns are down, 3rd will kick...
hello, kb talks about route based vpn beteen fgt and sonicwall. You have
other options apart from route based vpn. You need to collect the
following commands output to understand whats the issue. -you can debug
the ike (isakmp packets) from fgt diag ...
hi, looking into the vpn event logs, it seems like negotations errors
this would mainly happen due to mis-configuration. -you can debug the
ike (isakmp packets) from fgtdiag debug restdiag debug console timestamp
enablediag vpn ike log-filter dst-add...