Hello @martyyy If the tunnel is up then, One way we can isolate this
issue by taking sniffer for the icmp packet on the FortiGate and you can
match if the number of the packets send by the peer is received same on
the FortiGate or not.
Hello @AhmadYousef To create the IPSEC tunnel all matters is the
reachability of the peer as mentioned by the @Toshi_Esumi . Also you
mentioned that your Local FortiGate is behind the WAN router so make
sure that the IPsec VPN Nat traversal is enable...
Hello @surender This generally happens when the traffic response is not
coming from the destination, so the receive bytes counter does not
increases. You can do the following to troubleshoot : Take two CLI
session and run the following sniffer and de...
Hello @sumit007ac You can refer this KB :
https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-check-SFP-transceiver-module-serial-number/ta-p/194318?externalID=FD38931You
can take the CLI access of the secondary FortiGate and run the
co...
Hello @Toshi_Esumi Even this syntax also works : diag sniffer packet any
'src 10.1.1.1 and dst 172.1.1.1' Although it is better to use with the
header and verbose level and timestamps.