Description |
This article describes how to fix the GRE traffic stops working after a firmware upgrade to v7.4.3. |
Scope | FortiGate. |
Solution |
The GRE traffic is working in v7.2.7. Then, it stops working after the firmware upgrade to v7.4.3. If the collisions of the GRE tunnel are increasing every time:
diag sys gre list IPv4:
vd=0 devname=GRE-test devindex=3 ifindex=41 saddr=192.168.1.100 daddr=192.168.1.101 rpdb=0 ref=0 key=0/0 flags=0/0 dscp-copy=0 diffservcode=000000 RX bytes:1760660 (1.6 Mb) TX bytes:653330 (638.0 kb); RX packets:2669, TX packets:1592, TX carrier_err:0 collisions:3643 npu-info: asic_offload=0, enc/dec=0/0, enc_bk=0/0/0/0, dec_bk=0/0/0/0 rpdb-ver: 00000026 rpdb-gwy: 0.0.0.0 rpdb-oif: 0
diag sys gre list IPv4:
vd=0 devname=GRE-test devindex=3 ifindex=41 saddr=192.168.1.100 daddr=192.168.1.101 rpdb=0 ref=0 key=0/0 flags=0/0 dscp-copy=0 diffservcode=000000 RX bytes:1760660 (1.6 Mb) TX bytes:653330 (638.0 kb); RX packets:2669, TX packets:1592, TX carrier_err:0 collisions:3719 npu-info: asic_offload=0, enc/dec=0/0, enc_bk=0/0/0/0, dec_bk=0/0/0/0 rpdb-ver: 00000026 rpdb-gwy: 0.0.0.0 rpdb-oif: 0
Then it matches bug 987501. This issue was seen in 7.4.2 and 7.4.3. This was fixed in v7.2.8 and v7.4.4. The workaround is to downgrade to v7.2.7 or create an IPsec VPN tunnel as a workaround. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.