Table of Contents
Advertisement
confirm that the secondary tunnel will be
used automatically to maintain a secure
connection.
Verify the IPsec VPN tunnel statuses on
FortiGate 1 and FortiGate 2. Both FortiGates
should show that primary tunnel is DOWN
and secondary tunnel is UP.
Go to VPN > Monitor > IPsec Monitor to
verify the status.
Verify the routing table on FortiGate 1 and
FortiGate 2.
The secondary OSPF route (with cost = 100)
appears on both FortiGate units.
Go to Router > Monitor > Routing
Monitor. Type OSPF for the Type and
select Apply Filter to verify OSPF route.
Verify that traffic flows via the secondary
tunnel.
From a PC1 set to IP:10.20.1.100 behind
FortiGate 1, run a tracert to a PC2 set to
IP:10.21.1.100 behind FortiGate 2 and
vice versa. From PC1, you should see that
the traffic goes through 10.2.1.2 which is
the secondary tunnel interface IP set on
FortiGate 2.
From PC2, you should see the traffic goes
through 10.2.1.1 which is the secondary
tunnel interface IP set on FortiGate 1.
Using redundant OSPF routing over IPsec VPN
217
Advertisement
Table of Contents
