I have a new IPSec tunnel and I have control over both ends of it. Local
- FG60B 4.0 MR3 Remote - FG60C 4.0 MR1 The tunnel shows successful P1
and P2, but no successful pings. My first step was to tracert to a
remote host. The tracert went to the fir...
FG 620B 4.0 MR2 patch 1 Interface mode IPsec Trying to bring IPsec
tunnels up. the monitor show the tunnel is up. No traffic (echo) is
passing. First step was; chifgt02 (root) # diagnose sniffer packet any "
host 192.168.37.150 or host 10.x.x.x" 4 **...
FG 620 4.0 MR2. This is in a simple network conisting of 1 A/D server
(dhcp, dns), a couple of clients and this firewall. The firewall is on
the edge, no router in this network. port1 = lan and port14= wan Subnet
is 192.168.40.0/22 Firewall = 192.168...
FG620B 4.0 MR2 Patch 1 build 0279 I have a complete config built and
ready to be tested in production. I also have a 4 hour tech call that
came with the purchase and I would like to use it. In order for this to
happen support needs remote access. Thi...
I am trying to change the associated interface for a route based tunnel.
In order to do this I have to delete the address and recreate it, but i
am unable to do so because " cannot change interface binding! This
address is being used." I dont see it ...
This has been resolved. I booted the active node, which was a nice test
of the cluster, (lost only 2 pings all tunnels stayed up) but still had
the routing issue on the new active node. I rebooted the new active node
and that fixed the routing issue....
I' ll restart that service tonight as this could potentially take some
time to clean up. I do have configs saved from before any of this. I
will update this forum with the results. Thanks for the input.
OK, so I made my list last night and consolidated before hours today. I
was only able to remove 22 routes and replace them with 4 for a net gain
of 18. Before I touched any routes I decided to tear down the tunnel on
both sides and rebuild it, which ...
So, about my routes... I have one cluster that is the gateway out for 6
sites. One of the reasons I have so many routes is because I have 2 ISPs
and without specifying routes some of my reply traffic was going out the
other ISP. In other words, an ou...
