Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RolandBaumgaertner72
Contributor III

Created on ‎12-10-2023 11:42 PM

SD WAN Problems, main Interface down after 24h

Hi,

 

I have some really strange things going on with SD WAN and FG30E (6.2.15). I dont really know when it happened but for some weeks now (mayber after the update to 6.2.15) the main WAN interface of the SD WAN is DOWN at around 8:15 every morning. It cant be a problem of the router, we chaecked that, also after a reboot the SD WAN works again for aprox 24h without any problems.

 

The SD WAN is configured so that the main WAN1 has Prio 1 and the WAN2 (only backup) has Prio 2. The SDWAN Rule #1 is only for the main WAN1 and the SDWAN Rule#2 is with the backup over both WANS with best quality and package loss.

 

I really dont understant what causes the problem.

 

Thanks!

Labels:
2985
0 Kudos
5 REPLIES 5
jintrah_FTNT
Staff
Staff

Created on ‎12-10-2023 11:58 PM

Hi,

 

Were you able to check the health check status of wan1 during the time of issue? Are there any event logs generated? Could you please collect the output of the below command

diagnose sys virtual-wan-link health-check
diagnose sys virtual-wan-link member

 

Best regards,

Jin

2978
0 Kudos
RolandBaumgaertner72
Contributor III
In response to jintrah_FTNT

Created on ‎12-11-2023 12:03 AM

Hi,

 

it only happens in the morning and usaully they directly restart the FG. In these moments I could not even ping the gateway router.

 

XXX # diagnose sys virtual-wan-link health-check
Health Check(Ping Check):
Seq(1): state(alive), packet-loss(0.000%) latency(54.496), jitter(0.417) sla_map=0x0
Seq(2): state(alive), packet-loss(0.000%) latency(8.842), jitter(3.003) sla_map=0x0

XXXX # diagnose sys virtual-wan-link member
Member(2): interface: wan, gateway: 91.126.214.1, priority: 0, weight: 75
Member(1): interface: lan4, gateway: 192.168.0.1, priority: 0, weight: 1

 

Thanks

2974
0 Kudos
jintrah_FTNT
Staff
Staff
In response to RolandBaumgaertner72

Created on ‎12-11-2023 12:12 AM Edited on ‎12-11-2023 12:13 AM

Hi,

Is this command outcome taken at the morning during time of issue? As the health check shows no packet loss to pings, I suppose this is taken when in a working/normal scenario, or else we should see ping packet loss reported on the system, the same time when you tried pinging the gateway router that failed.

 

Best regards,

Jin

2969
0 Kudos
RolandBaumgaertner72
Contributor III

Created on ‎12-11-2023 01:09 AM

Hi,

 

yes this was after. When the problem occurs I get the WAN1 down and health check and everything fails.

 

Any idea? How is it possible that the FG looses connection to the WAN after x hours and after the  reboot everything works fine again.

 

Thanks

2954
0 Kudos
hbac
Staff
Staff
In response to RolandBaumgaertner72

Created on ‎12-11-2023 06:57 AM

Hi @RolandBaumgaertner72,

 

When it happens, please try to ping the default gateway of WAN1. Replace x.x.x.x with the default gateway IP address. Also check the arp and routing table:

 

exec ping-options interface WAN1

exec ping x.x.x.x 

get system arp 

get router info routing-table database 

 

Regards, 

2941
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.