I’ve a Fortigate device (located behind a Peplink 380) configured to make a IPsec Vpn tunnel to a device located on the outside.
The peplink has 3 WAN (WAN1 and WAN2 configured with PPPOE and WAN3 as DHCP).
Normally, the VPN must be established using WAN1 and failover to WAN2 and finally WAN3 if problem occurs (Priority with Terminate Sessions on Link Recovery enabled).
Services (ESP, IKE and NATT) are configured on each WAN for forward inbound traffic to the Fortigate.
Basically I have 3 problems.
It works for several weeks but sometimes the following problems occurs:
- Inbound ESP traffic are dropped by the Peplink. Packet capture confirms the traffic is received on the WAN but not forwarded to the Fortigate (LAN interface of the Peplink).
- Outbound policy is NOT ALWAYS honored. For example, even if WAN1 is UP, IKE/ESP traffic is forwarded over WAN2 even if outbound policy is configured correctly (priority is configured with WAN1 as primary link.
- Terminate Sessions on Link Recovery is NOT honored. For example if WAN1 is bring up online again, IKE/ESP traffic is still forwarded to WAN2 even if the outbound policy is configured correctly (priority is configured with WAN1 as primary link)…
Ticket #783605 is opened with Peplink (version 7.1.0).
Any idea ??