Hi all, Currently we have 2 x Fortigate 80D's at two different sites. Having the issue that the IPSec VPN is dropping and never coming back up after around 1-3 days. The site that is dropping is using a ZTE (swapped with a Broadcomm NF4V) VDSL2 modem.
The issue is that after around 20 or so hours the VPN will all of a sudden will begin failing to establish the phase 1 of the tunnel and it will be stuck on that for around 10 hours or until the device is rebooted. I'm still not convinced it's an issue Fortigate itself as I can drive down the Phase 1 and Phase 2 timeouts until they are practically as low as I can get them (Phase 1 – 240 seconds, Phase 2 – 120) and they will over and over negotiate without issue. Currently the issue is being resolved somewhat hamfistedly by rebooting the units as every attempt to restart the tunnel through the CLI fails. If anyone has seen this issue before please reply or contact me offlist. I'm not sure if this is appropriate for Ausnog, if it's not please administer the lashings. Regards, Jason. _______________________________________________ AusNOG mailing list [email protected] http://lists.ausnog.net/mailman/listinfo/ausnog
