Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
robertwb2
New Contributor

Created on ‎10-16-2017 08:42 AM

IPSec Tunnel Interface Link showing down, but its working.

I recently updated my Fortigate 100D devices to 5.6.2

 

I have 3 sites, each with a Fortigate 100D and each with a IPSec Tunnel to the other 2 locations.

 

All traffic is traversing normally, however when I look at Network->Interfaces, one locations Tunnel Interface Link Status is showing down.

 

So, when I am on Site 1's Interface Link Status, it is showing as DOWN to Site 3, Same with Site 2 to Site 3. And from Site 3, its showing DOWN to Site 1 & 2. 

 

Now when I look at VPN->IPSec Tunnels all statuses are showing as UP.

 

The only reason I'm asking this is because when I'm looking at my IPV4 policies, I'm getting a warning to those polices dealing with Site 3 and so on. 

 

I've check all Phase 1 & Phase 2 settings, everything is perfect there. As I mentioned, all traffic is working perfectly, I just want to make sure that all errors are cleared up. Thanks so much!!

21323
0 Kudos
6 REPLIES 6
emnoc
Esteemed Contributor III

Created on ‎10-16-2017 11:07 AM

Please review  diag cmds

 

 

diag vpn ike  gateway

diag vpn tunnel list

 

 

What does these  output shows?

 

Ken

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
8718
0 Kudos
robertwb2
New Contributor
In response to emnoc

Created on ‎10-16-2017 11:20 AM

So when I run those Diag cmds, I'm not seeing any errors. I can sure post those here or send them along to you if you would like to see them but everything looks good with no flags that I can see anyway.

 

This issue is odd, just because its dealing with everything at my "Site 3". I'm seeing the exact same things in all 3 of my FortiGates in Network->Interfaces and VPN->IPSec Tunnels. Down to Site 3 in Interfaces, but UP in IPSec Tunnels.

 

Thanks again!

8718
0 Kudos
robertwb2
New Contributor
In response to robertwb2

Created on ‎10-18-2017 08:00 AM

So should I submit a bug report for this?? I'm not sure what I can do next. Thanks again.

 

8719
0 Kudos
robertwb2
New Contributor
In response to robertwb2

Created on ‎11-03-2017 12:30 PM

I hate the keep pushing this up to the top, but wondering if anyone has any hints I could try?? Thanks so much!

8719
0 Kudos
andreas_freitag
New Contributor
In response to robertwb2

Created on ‎01-23-2018 12:29 PM

Same here... See Screenshot....

[ol]
  • VPN Up
  • Error on Policy
  • Interface on Policy Link down?
  • Interface not administrative down[/ol]

     

    • Preview file
    78 KB
    8720
    0 Kudos
    andreas_freitag
    New Contributor
    In response to andreas_freitag

    Created on ‎01-23-2018 02:46 PM

    After the Update to 5.6.3...

     

     

    Preview file
    21 KB
    8719
    0 Kudos
    Labels
    Top Kudoed Authors
    View all
    Broad. Integrated. Automated.

    The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

    Social Media
    Security Research
    Company
    News & Articles
    Contact Us

    Copyright 2024 Fortinet, Inc. All Rights Reserved.