Fortiview in Fortianalyser - SSL VPN errors

Forum|Forum|4 years ago
July 22, 2021
1 reply
2206 views

Hello

I am tweaking my Fortigate to work with Fortianalyser and i am noticing that under my Top Threats i have a lot of DNS errors from my SSL VPN

I am unsure as to what could be causing this.

197696.png

Kush_Patel

Staff

What is the IP address of DNS server configured under SSL VPN configuration ? Might need more info from this log.

It cloud be this : This is an expected behavior where the firewall logs any invalid DNS traffic.

Invalid DNS traffic would be UDP packets on port 53 that are not DNS traffic, packets which are oversized, bad checksum etc or this happens also if the DNS query is not successful returns any other status than NOERROR.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-DNS-error-logs-showing-in-FortiAnalyzer/ta-p/202778

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded