Hi!
So, I need a litte help to undestand, how can I support HA or Failover in Mikrotik with IPSec Tunnel?
Currently, there is a Fortigate site to site with Mikrotik. In Fortigate, there are two IPSec Tunnel. On the side of Fortigate, we use a gateway remote FQDN (cloud mikrotik).
On the side of Mikrotik, we use a DNS Fortigate on tab peer. But, when my DNS Fortigate change IP, the Mikrotik don't UP tunnel. On log, I can see error about phase2.
After than, I need disable tab's for 5 seconds: Identities, Peers, Proposals and Policies.
I was thinked use script to stop and start IPSec, everytime change DNS Fortigate or Link Mikrotik. But I don't think it's work.
Can you help me?
Thank you!