Situation
# Send an email notification when the DialUp IPsec connection is established or disconnected.
Solution
[1]
Log in to the FortiGate WebUI > Security Fabric > Automation
[2]
# (Condition) If the tunnel's connection status changes
Trigger > FortiOS Event Log > Event > IPsec connection status changed
[3-1]
# (Action) Send an email notification
Action > Email
From > ""
To > "Your@Email"
Subject > "%%logdesc%%"
Body > "%%log%%"
[3-2]
# If the message is too complex, look at the values in %%log%% and rearrange just the fields you want
Action > Email
From > ""
To > "Your@Email"
Subject > "[IPsec] %%vpntunnel%% %%action%%"
Body > At %%time%% on %%date%%, the IPsec tunnel %%vpntunnel%% changed status to %%action%%.
Remote peer: %%remip%%
Assigned IP: %%assignip%%
[4]
# Configure a Stitch to combine the Trigger and the Action
Stitch > Choose Trigger > Choose Action > Apply
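
A way to preview the custom template from step [3-2] offline before saving it (an added example, not part of the original note and not FortiOS code): it parses a key=value log line like the one %%log%% mails you, fills the %%field%% placeholders, and lists any placeholder the log line does not carry. The sample log lines are constructed, and how FortiOS itself renders a missing field is not modelled.

```python
import re

# Templates copied from step [3-2] above.
SUBJECT = "[IPsec] %%vpntunnel%% %%action%%"
BODY = ("At %%time%% on %%date%%, the IPsec tunnel %%vpntunnel%% "
        "changed status to %%action%%.\n"
        "Remote peer: %%remip%%\nAssigned IP: %%assignip%%")

# Constructed sample log lines (all values invented for this example).
SAMPLE_UP = ('date=2024-01-15 time=10:32:07 logdesc="IPsec connection status changed" '
             'action="tunnel-up" remip=203.0.113.10 vpntunnel="DialUp_0" '
             'assignip=10.10.10.2')
# Assumption: a line lacking assignip, to exercise the missing-field path.
SAMPLE_DOWN = ('date=2024-01-15 time=11:05:41 logdesc="IPsec connection status changed" '
               'action="tunnel-down" remip=203.0.113.10 vpntunnel="DialUp_0"')

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
PLACEHOLDER = re.compile(r"%%(\w+)%%")

def parse_log(line):
    """Turn a key=value log line into a dict, honouring quoted values."""
    return {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}

def render(template, fields):
    """Fill %%name%% placeholders; return (text, names not found in the log)."""
    missing = []
    def fill(match):
        name = match.group(1)
        if name in fields:
            return fields[name]
        missing.append(name)
        return match.group(0)  # leave the unknown placeholder visible
    return PLACEHOLDER.sub(fill, template), missing

if __name__ == "__main__":
    for sample in (SAMPLE_UP, SAMPLE_DOWN):
        fields = parse_log(sample)
        subject, _ = render(SUBJECT, fields)
        body, missing = render(BODY, fields)
        print(subject, body, sep="\n")
        if missing:
            print("WARNING: not in this log line:", ", ".join(missing))
        print("-" * 40)
```

Paste a real %%log%% body from a mail sent by the [3-1] action in place of the samples to check a template against the fields your firmware actually emits.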
Troubleshooting
# Check whether FortiGuard is reachable
execute ping service.fortiguard.net
# If FortiGuard is unreachable, check that the outgoing interface is correct
config system fortiguard
set interface-select-method { auto | sdwan | specify }
end
# Check the mail server status
get system email-server
# Send a test email
diagnose debug reset
diagnose debug enable
diagnose debug console timestamp enable
diagnose debug application alertmail -1
diagnose log alertmail test