public:ipsec_tunnel_drop

Differences

This shows you the differences between two versions of the page.

public:ipsec_tunnel_drop [2024/12/05 15:32] – created sprabhu
public:ipsec_tunnel_drop [2024/12/11 18:11] (current) rhudak
Line 1: Line 1:
 ====== IPSec Tunnel Drops on Nautilus ====== ====== IPSec Tunnel Drops on Nautilus ======
 +
 +<color #ed1c24>*For the Fortigate</color>
  
 The Nautilus is offshore of American Samoa and is tunneling back to the HUB at URI using the same basic configurations as R/V Endeavor. We have been seeing periodic drops on the IPSec tunnel that don't align with what's happening on Endeavor, which could be related to the much longer path that Nautilus is taking.  The Nautilus is offshore of American Samoa and is tunneling back to the HUB at URI using the same basic configurations as R/V Endeavor. We have been seeing periodic drops on the IPSec tunnel that don't align with what's happening on Endeavor, which could be related to the much longer path that Nautilus is taking. 
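Review bot: The added red line "*For the Fortigate" under the page title is a fragment with an unmatched leading asterisk, so it is unclear whether it is a footnote marker, a scope note for the whole page, or an unfinished sentence. Suggest writing it as a full sentence that says what applies to the Fortigate and dropping the stray "*"; the meaning should also not depend on the colour, since the red is lost in any plain-text export of the page.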
Line 6: Line 8:
  
 ==== Hardware on Nautilus ==== ==== Hardware on Nautilus ====
-  * Ship: Fortigate 81F active/passive HA, v7.4.4 +  * **Ship:** Fortigate 81F active/passive HA, v7.4.4 
-  * Hub: Fortigate 61F active/passive HA, v7.4.3+  * **Hub:** Fortigate 61F active/passive HA, v7.4.3
  
 ====. Potential Causes ==== ====. Potential Causes ====
-  * Anti-Replay false positives: Disabled replay detection in May due to false positives. +  * **Anti-Replay false positives:** Disabled replay detection in May due to false positives. 
-  * Dead Peer Detection: First expected to see the problem due to VSAT drops and latency associated with the long path but the logs indicate them as rare occurrences, and do not align with observed IPSec outages. We used the setting for dpd interval as 2sec, with dpd timeout as 2sec. +  * **Dead Peer Detection:** First expected to see the problem due to VSAT drops and latency associated with the long path but the logs indicate them as rare occurrences, and do not align with observed IPSec outages. We used the setting for dpd interval as 2sec, with dpd timeout as 2sec. 
-  * HMAC validation issues: Align with the observed IPSec tunnel outages on Marlink VSAT and could be the primary cause suspected for the current issue.+  * **HMAC validation issues:** Align with the observed IPSec tunnel outages on Marlink VSAT and could be the primary cause suspected for the current issue.
  
  
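Review bot: The Anti-Replay bullet in the Potential Causes list is only re-styled here, but it records a security control being switched off ("Disabled replay detection in May") without a year, without saying whether it was done on the ship, the hub or both, and without saying whether it is still disabled. Since this revision touches the line anyway, suggest adding those three facts so the weakened setting is tracked and can be revisited once the HMAC validation issue is understood. The heading "====. Potential Causes ====" also still carries a stray "." after the opening markers on both sides of the comparison and could be fixed in the same edit.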
public/ipsec_tunnel_drop.1733412770.txt.gz · Last modified: 2024/12/05 15:32 by sprabhu
