Meraki

nikmagashi · ‎Oct 18 2022

Hi,

I have an ipsec tunnel to a meraki MX and users behind the MX are complaining sometime that they cannot reach the resources back behind the fortigate. We solve this immediately by doing a ping from one of the servers behind the fortigate to the local network behind the MX. So basically if we have a continuosely ping the users will never experience connection problem, but without it the tunnel seems to go down. I have recreated the tunnel, I have enabled auto-negotiate om the fortigate but still the same issue.

Has anyone had this problem before?

BR Nik

BlakeRichardson · ‎Oct 18 2022

@nikmagashi I just want to make sure I am understanding this right so if a user that sits behind the MX pings a server behind the Fortigate everything starts working?

How long does it take to stop working again i.e. once a user disconnects from a resource how long until you have to ping to bring access back?

Sounds like it could be a TTL setting on the Fortigate end.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

alemabrahao · ‎Oct 18 2022

Check these information:

https://community.meraki.com/t5/Security-SD-WAN/Non-Meraki-VPN-negotiation-msg-FIPS-mode-disabled/m-...

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Meraki_Device_to_Clou...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Meraki

Community

Tunnel to fortigate gets down

Tunnel to fortigate gets down