Technical Tip: Basic troubleshooting Transparent Mode issues

Description

This article describes best practices for Transparent Mode Issues.

Scope

FortiGate.

Solution

MAC addresses details.

Add the MAC addresses of the hosts involved in the setup to the Layer2 network diagram.
When reading a sniffer trace taken from a transparent mode scenario, Fortinet Support needs to map these MAC addresses to the appropriate units.
Additionally, indicate when VRRP/HSRP or load balancing/failover mechanisms are used.

Dump the bridge information with the following command:

diagnose netlink brctl list

Dump the VDOM bridge forwarding table with the following command, where <vd_name> is the virtual domain name:

diagnose netlink brctl name host <vd_name>.b

Interface details:

config sys interface
show full
end

Sniffer traces:

When there are traffic problems, take 2 sniffer traces simultaneously on the internal and external interfaces. These traces must be captured in verbose 3.

diagnose sniffer packet any “” 3 0 a

Related article:

Troubleshooting Tip: Using the FortiOS built-in packet sniffer for capturing packets