Tunnel to fortigate gets down

nikmagashi

Hi,

I have an IPsec tunnel to a Meraki MX, and users behind the MX sometimes complain that they cannot reach the resources back behind the FortiGate. We solve this immediately by doing a ping from one of the servers behind the FortiGate to the local network behind the MX. So basically, if we have a continuous ping, the users will never experience connection problems, but without it the tunnel seems to go down. I have recreated the tunnel and I have enabled auto-negotiate on the FortiGate, but still the same issue.

Has anyone had this problem before?

BR Nik

BlakeRichardson

@nikmagashi I just want to make sure I am understanding this right: if a user that sits behind the MX pings a server behind the Fortigate, everything starts working?

How long does it take to stop working again, i.e. once a user disconnects from a resource, how long until you have to ping to bring access back?

Sounds like it could be a TTL setting on the Fortigate end.

alemabrahao

Check this information:

https://community.meraki.com/t5/Security-SD-WAN/Non-Meraki-VPN-negotiation-msg-FIPS-mode-disabled/m-...

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Meraki_Device_to_Clou...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.