We have a new site behind a FortiGate 100F.
This is set up with our organization to connect to 4 different sites.
For each site we set up a different VPN in FortiGate.
We got the tunnels up (Phase 1 and 2), but they eventually go down; sometimes they come back up, others don't.
From the Meraki side, I've changed Encryption and Authentication to many combinations.
Outcome is the same.
From the FortiGate side we tried:
DPD Disabled.
Autokey Keepalive disabled.
This is Phase 1 and 2 on the Meraki Side.
This is Phase 1 and 2 on FortiGate.
Meraki is updating its device-to-cloud connectivity to an architecture that was crafted from the ground up to provide even greater security and simplicity for connectivity. This connectivity is currently available on devices that meet certain firmware requirements, noted below in the section, Supported Firmware/Models.
In order to enable FIPS mode, please ensure that the settings below in your Dashboard are in compliance with FIPS Standards:
Security & SD-WAN -> Configure: Site-to-site VPN -> Non Meraki VPN settings:
I'm sorry, but... what does it have to do with the issue?
Keep in mind that in the future it can be a problem, I have to reconfigure some tunnels because of FIPS mode, so I suggest you change your settings as recommended, maybe it can help. But it's your choice, I'm just trying to help you.
Got it. Thanks
There can often be issues if multiple subnets exist in the encryption domain. Is this the case - and if it is - is there any chance that only one combination of the subnets work at a time?
Not really. I often got multiple subnets working at the same time. For example, now I have an RDP session open with one remote subnet and ping running to others.
I don't know if this is your issue - but this article talks about it.
It doesn't apply to my issue. Also, the firmware on the FortiGate is 7.2.x