WAN connection dropping for a few seconds (10-20 times a day)

Hi there, u could try i set the interface speed manualy. for example. # conf sys int (interface)# edit internal (internal)# set speed 100full 100M full-duplex 100half 100M half-duplex 10full 10M full-duplex 10half 10M half-duplex Dave

Vincent, What is the WAN connection? PPPoE connections like to drop when they get saturated, which is especially easy to do upstream. I had frequent dropping at a satellite office and since I added a second DSL line to share the load, the dropping has disappeared pretty much completely. * It' s odd but I find satellite offices need the dual WAN functionality of FortiGate' s more often than a main office, since at the main office there is usually a bigger pipe with a SLA. * The IPSec links on these lines still drop more than I' d like, but there is a lot of distance so it' s high latency. The users don' t really notice though since there are two routes.

What Firmware are you running?

@Discoverit Firmware: v4.0,build0192,091222 (MR1 Patch 2) @veechee Cable. WAN1 port is connected directly to our cable-modem. @Dave Problem is on the WAN side, not the internal...

The diag hardware command gave zero errors. Speed is 100 full duplex at this moment. How should I set up speed? 10 full? Our broadband connection is (theoretically) 40M If I try half-duplex, aren' t we getting any troubles surfing/mail? Everything is coming in and going out at the same wan port...

I had a similar problem with a cable connection for a while. The issue was not with the firewall but rather the cable modem. In our case it turned out there was too much signal going to the modem and it would periodically lose connection to the cable network and reboot itself. Periodic modem reboots could be caused by various problems, but it might be something to take a look at. We had a motorola surfboard and in the log files we noticed a critical error with a valid timestamp and then a message to the effect of " ethernet link up" but with a 1970 timestamp- that indicated that the modem had been rebooted. At one point we also had someone run to the wiring closet and look at the modem when we noticed a problem just to make sure the modem had in fact gone down. Anyway- the cable company was able to fix the issue once we explained what was happening.

There' s always 1 or 2 seconds between the down event and the up event, never longer. I found this in the high availability handbook: These log messages, recorded by the primary unit, show the monitored port1 interface failed or was disconnected and the primary unit becoming a subordinate unit: 1 2010-01-14 16:59:39 log_id=0100020099 type=event subtype=system vd=root pri=information action=interface-stat-change status=DOWN msg= " Link monitor: Interface port1 was turned down" The id is not the same, but the message is. Could be a problem with the cable or modem? I' m going to plug out the modem a few seconds before I close off for the weekend. That' s our ISP' s answer to every connection problem ;-) Then I will see tomorrow if the event is coming back. If not: Yeeey! If yes, I' ll try patch 6. Or maybe test the cable one way or another? In the meanwhile, I opened up a ticket with Fortinet...

Problem solved! There was a distortion on the cable somewhere outside the building. ISP solved it with a new cable...