Need help on IPsec tunnel configured between Microsoft ISA TMG and Fortinet firewall.

Hello,

I have recently configured a VPN tunnel between TMG and a FortiGate firewall. However, the VPN is flapping; we are facing a VPN phase 2 down alert every 6 minutes. I ran the debug on the FortiGate firewall and found that TMG is sending an IPsec SA delete every six minutes.

I have enabled both bytes (102400000) and time 3600 sec in the phase 2 key life setting. Please find the log details below.

2015-04-20 02:17:22 ike 1:XXX_P1:435505: recv IPsec SA delete, spi count 1
2015-04-20 02:17:22 ike 1:XXX_P1: deleting IPsec SA with SPI cbadd89a
2015-04-20 02:17:22 ike 1:XXX_P1:XXX_VPN: deleted IPsec SA with SPI cbadd89a, SA count: 0

2015-04-20 02:17:22 ike 1:XXX_P1: sending SNMP tunnel DOWN trap for XXX_VPN
2015-04-20 02:17:22 ike 1:XXX_P1:x_VPN: IPsec SA connect 39 x.x.x.x->x.x.x.x:0
2015-04-20 02:17:22 ike 1:XXX_P1:xe_VPN: using existing connection

Any help would be greatly appreciated.

Thanks

April 20th, 2015 8:37am
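
Added example (not part of the original post and not Fortinet or Microsoft tooling): a small Python script that reads FortiGate IKE debug output in the format quoted above, measures the time between consecutive peer-sent "recv IPsec SA delete" events per phase 1 name, and flags tunnels where the peer deletes SAs well before the configured time-based key life. All sample lines except the 02:17:22 entries are constructed, and the function names and the 0.5 tolerance are assumptions.

```python
import re
from datetime import datetime

# Constructed sample in the format of the debug output quoted in the post;
# only the 02:17:22 lines come from the post, the rest are made up.
SAMPLE_LOG = """\
2015-04-20 02:11:22 ike 1:XXX_P1:435501: recv IPsec SA delete, spi count 1
2015-04-20 02:11:22 ike 1:XXX_P1: deleting IPsec SA with SPI aaaa0001
2015-04-20 02:17:22 ike 1:XXX_P1:435505: recv IPsec SA delete, spi count 1
2015-04-20 02:17:22 ike 1:XXX_P1: deleting IPsec SA with SPI cbadd89a
2015-04-20 02:17:22 ike 1:XXX_P1: sending SNMP tunnel DOWN trap for XXX_VPN
2015-04-20 02:23:21 ike 1:XXX_P1:435509: recv IPsec SA delete, spi count 1
"""

# Matches only deletes received from the peer, capturing time and phase 1 name.
DELETE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) ike \d+:([^:]+):\d+: recv IPsec SA delete"
)

def peer_delete_intervals(log_text):
    """Return {phase1_name: [seconds between consecutive peer-sent SA deletes]}."""
    times = {}
    for line in log_text.splitlines():
        m = DELETE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            times.setdefault(m.group(2), []).append(ts)
    return {
        name: [int((b - a).total_seconds()) for a, b in zip(stamps, stamps[1:])]
        for name, stamps in times.items()
    }

def early_delete_tunnels(log_text, keylife_seconds, tolerance=0.5):
    """Flag tunnels whose peer deletes SAs well before the time-based key life.

    tolerance is an assumed threshold: an interval below tolerance * keylife
    counts as early. Byte-based lifetime expiry is not modelled here.
    """
    flagged = {}
    for name, gaps in peer_delete_intervals(log_text).items():
        early = [g for g in gaps if g < keylife_seconds * tolerance]
        if early:
            flagged[name] = early
    return flagged

if __name__ == "__main__":
    print(early_delete_tunnels(SAMPLE_LOG, keylife_seconds=3600))
```

A steady interval far below the time-based key life points at something other than the seconds timer on the peer, such as the byte-based lifetime or an idle timeout, which this script does not distinguish.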

Hi,

Please check the IKE events and the Oakley log file to see if there is any helpful information about IPsec security associations. The article below describes some basic VPN over IPsec troubleshooting steps.

Troubleshooting VPN over IPsec

https://technet.microsoft.com/en-us/library/bb794765.aspx?f=255&MSPPError=-2147217396

Best Regards,

Joyce

April 21st, 2015 3:57am

Hi Joyce,

I checked the IKE events but didn't find any useful logs.

Any idea why TMG is sending SPI every six minutes? Though I have set the key timeout value to 3600 sec.

April 21st, 2015 3:26pm

This topic is archived. No further replies will be accepted.
