Ydaew
New Member
June 29, 2019
Question

Strange Blocking behavior

Hello Everyone,

I have strange behavior in my lab.

My lab topology is simple: two different networks directly connected to a FortiGate (VM), one Linux and one Windows machine. A policy to allow any/any has been declared for testing. Ping is not working, and there are no hits on the policy.

Linux and Windows are able to ping their gateways (FG interfaces).

I tried to reboot the FG VM; the ping succeeded for about 10 seconds after the reboot, then failed again, and during these successful pings the policy got some hits for that traffic!

Any advice?

    Ydaew (Author)
    New Member
    June 29, 2019

    It seems like a bug. 

    So we can consider this closed. 

    Thanks

    ede_pfau
    SuperUser
    June 30, 2019

    Most probably not a bug in FortiOS. 99% of all deployed Fortigates would be causing traffic blocks then.

    For testing, disable NP offloading on that policy:

        config firewall policy
        edit xxx
        set auto-asic-offload disable
        next
        end

    What do you see in FortiView?

    If you don't see any traffic, then it might be discarded because of RPF - make sure you have valid routes to both networks.

    As a last resort, use the sniffer:

        diagnose debug enable
        diagnose sniffer packet any 'icmp' 4 0 l

    and see if anything is knocking at the door.
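
    A small script to sort that sniffer output into what enters the box and what leaves it again, so a request that arrives on one interface but never exits the other (dropped by policy, RPF or the offload path) stands out from pings the FortiGate answers itself. This is an added example, not code from the thread or from Fortinet; it assumes the verbosity-4 line layout given in the comment, and the interface names, host addresses and gateway addresses in the sample are constructed.

```python
import re
from collections import defaultdict

# One line of 'diagnose sniffer packet any "icmp" 4' output (verbosity 4 prints interface
# and direction). Assumed layout, check it against your own box:
#   <timestamp> <interface> <in|out> <src> -> <dst>: icmp: <echo request|echo reply>
LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<intf>\S+)\s+(?P<dir>in|out)\s+"
    r"(?P<src>[\d.]+)\s+->\s+(?P<dst>[\d.]+):\s+icmp:\s+(?P<kind>echo request|echo reply)"
)

# Constructed sample (not from the thread): Linux host 192.0.2.10 pings its gateway 192.0.2.1
# (answered locally), then pings Windows host 198.51.100.20 three times; only the first
# request is forwarded out port2, the other two enter port1 and never leave.
SAMPLE = """\
interfaces=[any]
filters=[icmp]
0.100000 port1 in 192.0.2.10 -> 192.0.2.1: icmp: echo request
0.100040 port1 out 192.0.2.1 -> 192.0.2.10: icmp: echo reply
0.500000 port1 in 192.0.2.10 -> 198.51.100.20: icmp: echo request
0.500030 port2 out 192.0.2.10 -> 198.51.100.20: icmp: echo request
1.500000 port1 in 192.0.2.10 -> 198.51.100.20: icmp: echo request
2.500000 port1 in 192.0.2.10 -> 198.51.100.20: icmp: echo request
"""

def parse_sniffer(text):
    """Yield one dict per line that matches the sniffer layout; headers and noise are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groupdict()

def forwarding_report(text, local_ips):
    """Map (src, dst, kind) -> (status, packets seen 'in', packets seen 'out').
    'local' = the FortiGate is an endpoint (ping to a gateway IP), so no 'out' copy exists.
    Anything else that enters but does not leave was discarded on-box."""
    counts = defaultdict(lambda: {"in": 0, "out": 0})
    for p in parse_sniffer(text):
        counts[(p["src"], p["dst"], p["kind"])][p["dir"]] += 1
    report = {}
    for (src, dst, kind), c in counts.items():
        if src in local_ips or dst in local_ips:
            status = "local"
        elif c["out"] == 0:
            status = "dropped"
        elif c["out"] < c["in"]:
            status = "partially dropped"
        else:
            status = "forwarded"
        report[(src, dst, kind)] = (status, c["in"], c["out"])
    return report

if __name__ == "__main__":
    for key, (status, n_in, n_out) in forwarding_report(SAMPLE, {"192.0.2.1", "198.51.100.1"}).items():
        print(f"{key[0]} -> {key[1]} {key[2]}: {status} (in={n_in}, out={n_out})")
```

    Run it against real sniffer output by replacing SAMPLE with the captured text and local_ips with the FortiGate's own interface addresses.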

    Ydaew (Author)
    New Member
    June 30, 2019

    Actually, nothing is knocking at the door, but after rebooting, within 10 seconds I can see traffic passing!

    No problem with routing, since the two networks are directly connected to the FW and the hosts are able to ping the FW, which is their default gateway.