Fortigate 60F Link Monitor

Hello guys

I have a FortiGate 60F firewall and 2 WAN links configured with SD-WAN. An SLA link monitor is configured to ping a remote IP every 2 seconds with a latency threshold of 7000ms and 20 failures before it becomes unavailable. My problem is that the Forti event log says "The member2(wan2) link is unreachable or miss threshold. Stop forwarding traffic." I have created a Wireshark trace directly from the FortiGate, and it shows that the Identifier (BE) in the ICMP field changes while the log message in the FortiGate firewall is shown.

When the wan2 interface is more or less idle, the BE Identifier does not change. Only when there is congestion, for example a simple HTTP download, does it change, about 60 seconds after the download is initiated.

Does anyone know what this BE identifier means? I am not seeing any packet loss in the trace because the sequence numbers are intact.
