Fortigate drop my connection

Forum|Forum|4 years ago
January 5, 2022
1 reply
7601 views

Hello Experts,

I have a one Fortigate ( 80F) with last version of firmware(FortiOS v7.0.3 build0237).

I added some policies on it and installed it for our client.

Our client claim that he can not access to their local server which is in same IP range, I mean for example from 192.168.1.2 can not access to 192.168.1.250. He claim that when restarting the Fortigate its working fine but after for example 5 hours again Forigate dropping all connection and as result again he can not access to their server.

Have you ever seen this kind of issue?

Could you please give me some advice?

Thank you,

Ghasem

FortiGate

Best answer by gashjaei

Hello

Finllay got the answer,

Sever has a issue, change the server os and now works fine.

tnx

mariopugliese

Visitor III

Hi Ghasem

Check your ARP tables when this issue occurs.

On the FGT:

# get system arp | grep 192.168.1.2
# get system arp | grep 192.168.1.250

https://docs.fortinet.com/document/fortigate/7.0.1/administration-guide/473534/arp-table

Is the association between IPs and mac addresses correct from the Fortigate firewall ?

And also on the concerned servers (arp -a) ?

Do you have any Virtual IP configured on your Fortigate firewall ? (Policy and Objects => Virtual IPs) ?

It could be interesting to capture the ARP packets

# diagnose sniffer packet YOUR-LAN-INTERFACE "ether proto 0x0806"

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Using-the-FortiOS-built-in-packet-sniffer/ta-p/194222?externalID=11186

gashjaeiAuthor

Explorer II

Hello

Thanks for your comment.

Let me check and I will back to you ( hope not :D ). For the moment there is no any issue.

I hope FGT keep it all configuration on his memory and doesn't drop any connection.

Best,

Ghasem

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded