I deployed 2 different customers with a 60F at their main office and
60E's at their 3 remote sites last weeks. The VPNs come up and stay up,
but at random times the VPNs will just stop passing traffic. If I bring
the tunnels down from the main office...
I posted in reddit too. In case anyone else is struggling with this, it
appears the fix is: config vpn ipsec phase1-interfaceedit
set npu-offload disableend Huge thanks to reddit user
shsheikh and others for providing such quick responses over there!...
So it appears I can't use "set keepalive enable" (I mistakenly had a
space in my last post), if I already have "set auto-negotiate enable" in
the phase 2 settings. So would that confirm that if auto-negotiate is
enabled, then keepalive is automatical...
yes, auto-negotiate is enabled, which in turn appears to automatically
enable auto-rekey as it shows as enabled and grayed out in the gui, so I
can't de-select it in the GUI. And from what I read in
https://kb.fortinet.com/kb/documentLink.do?external...
We have a case open with support for the conserve mode issue. We were
running 6.0.x and they upgraded the box to 6.2.3. Still had issues.
Their latest attempt to resolve it was to switch the box from proxy mode
to flow mode for UTM. We've always used...
Andy,Yeah, I saw that 6.0.7 was recently released, but I haven't went
through the release notes yet to see if anything like this was
addressed. I don't think Fortinet has ever came out and said there is a
bug in any version except 6.2.1, so I'm not r...
