FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes best practices for Transparent Mode Issues.
Solution MAC addresses details.
Add to the Layer2 network diagram the MAC addresses of the hosts involved in the setup. When reading a sniffer trace taken from a transparent mode scenario, Fortinet Support needs to map these MAC addresses to the appropriate units. Also, indicate when VRRP/HSRP or load balancing / fail over mechanisms are used.
Dump the bridge information with:
#diagnose netlink brctl list
Dump the VDOM bridge forwarding table with:
#diagnose netlink brctl name host <vd_name>.b where <vd_name> is the virtual domain name
Interface details.
# config sys interface # sh fu end
Sniffer traces. When there are traffic problems, take 2 sniffer traces simultaneously on the internal and external interfaces. T hese traces must be captured in verbose 3.
