2. Configuring and Testing Link Health Monitor for Redundant VPN Connections on FortiGate 6.2 

I know this is a few years old now (still an amazing resource!) - linux will show dropped packets if you use the -O flag :)

Finally someone who goes directly to the point. Thank you.

Hey bro. Thank you so much. I have spent 2 days to resolve this issue with convergence delay (80 seconds). Great work. )))

I don't know if you monitor this, but is it possible with Fortigate to construct a VPN that load balances with 2 WAN connections, but if one fails will spin up the 3rd WAN connection to take the place of the failed connection? My application is using 2 physical wired ISP paths, with a cellular path on the 3rd WAN. I like using the link monitors and for my application if that's the only way I can do a 3 way setup, I have no issue with that. For my site a few lost packets will not present a problem.

To the tunnel en the VPN Remote2, do you configure "set monitore" ? Nice video congratulation, best regards from México

Just curious, I have an MPLS and site to site VPN over LTE for failover. Can I use this same setup on that? I have all traffic piped through the VPN back to our plant (subject to change later), so I need to monitor the MPLS interface and if it goes down have it fail over to the VPN

Hello, good afternoon, as I understand the "set srcintf" is the tunnel interface that is configured, in your case it is ToRemote1, another question is if this should also be configured in the other tunnel interface, which would be ToRemote2. Also I would like to ask you for the option "set server" can it be any phase 2 network on the other side? or does it have to be exclusively the fortigate on the other side? On the other hand, in the source.-ip you indicate the ip 10.10.1.254, that ip is the ip of the lan interface of the fortigate? or is it the ip of the tunnel interface? As you did not show the tunnel configuration, I had several doubts, thank you very much for the video.

This is great. Is there any reason this wouldn't work if the other side of the tunnel was not a FortiGate? Also, if both primary & secondary tunnels were using the same WAN uplink, would that change this configuration at all aside from the source interface?

I didn't understand what did it do when you killed the "cable", how was still communicating? It will enable or disable the route after detects down?

what would be the behaviour changing the static routes like: "same distance, different priority"

great video, if I want to configure the same topology but 1 side to other Firewall like Cisco ASA o Cisco Router, I need to choice DPD or it is possible used Link Monitor too?

Great video, thanks so much.

Devin, thanks for the awesome videos...

Is use 2 virtual 6.2.7 fortigates and it seem like i can't choose the vpn interface in the link monitor... very strange

Awesome man! Thanks so much!!!

Hi Could you configure the Wan Link Monitor in the Web Gui SD-WAN menu ?

Thank you so much ❤️💕💕

Hey,, it's so helpful keep making.. Your stuff is new that is why I like it..

thx!

nice video ..sometimes u r annoying!