Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
nsubramanian
Staff
Staff

Created on ‎04-09-2021 01:11 AM

Article Id 189538

Technical Tip: Basic troubleshooting Transparent Mode Issues

Description
This article describes best practices for Transparent Mode Issues.

Solution
MAC addresses details.

Add to the Layer2 network diagram the MAC addresses of the hosts involved in the setup.
When reading a sniffer trace taken from a transparent mode scenario, Fortinet Support needs to map these MAC addresses to the appropriate units.
Also,  indicate when VRRP/HSRP or load balancing / fail over mechanisms are used.

Dump the bridge information with:
#diagnose netlink brctl list
Dump the VDOM bridge forwarding table with:
#diagnose netlink brctl name host <vd_name>.b
where <vd_name> is the virtual domain name
Interface details.
# config sys interface
# sh fu
 end
Sniffer traces.
When there are traffic problems, take 2 sniffer traces simultaneously on the internal and external interfaces. T
hese traces must be captured in verbose 3.
# diag sniffer packet any “” 3 0a

2491
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.