Skip to main content
bbae
Staff
bbae
Staff
December 9, 2025

Troubleshooting Tip: Session Timeout Bug with NP7 model

  • December 9, 2025
  • 0 replies
  • 792 views
Description This article describes a session timeout issue in which the Session expiration timer continues to count down even with continuous traffic, resulting in a session timeout.
Scope FortiGate v7.0, v7.2, v7.4.
Solution

Session expiration doesn't get updated for offloaded traffic to/from a specific host range (x.x.x.[224-239]).

This bug, 971404, only happened to the NP7 models.

 

To resolve the session timeout issue, follow these steps:

  1. Identify the FortiGate version: Check the FortiGate version to see if it is affected by the bug. The bug affects versions before v7.0.14, v7.2.8, and v7.4.4.
  2. Disable auto-asic-offload: If the FortiGate OS version is affected, disable auto-asic-offload on the firewall policy to prevent session timeout issues. By default, the auto-asic-offload is enabled in the firewall policy. This can be done by using the following command:

 

config firewall policy

    edit 1

         set auto-asic-offload disable
    next
end
 
  1. Upgrade to a fixed version: To permanently resolve the issue, upgrade the FortiGate to a version that includes the bug fix, such as v7.0.14, v7.2.8, or v7.4.4.
Terms & ConditionsAccessibility statement