nsubramanian
Staff
Article Id 189538

Description

 

This article describes best practices for troubleshooting Transparent Mode issues.

 

Scope

 

FortiGate.

Solution

 

MAC address details:

Add the MAC addresses of the hosts involved in the setup to the Layer 2 network diagram. When reading a sniffer trace taken from a transparent mode scenario, Fortinet Support needs to map these MAC addresses to the appropriate units.

Additionally, indicate when VRRP/HSRP or load balancing/failover mechanisms are used.

Dump the bridge information with the following command:

 

diagnose netlink brctl list

 

Dump the VDOM bridge forwarding table with the following command, where <vd_name> is the virtual domain name:

 

diagnose netlink brctl name host <vd_name>.b
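
An added example (not from the original article or from Fortinet): a Python helper that pulls MAC addresses out of pasted bridge-table or sniffer text and maps them to the units in the Layer 2 diagram, flagging VRRP and HSRP virtual MACs. The inventory, the sample text and all function names are constructed for illustration; the sample is not real FortiGate output.

```python
import re

# A MAC written as six colon/hyphen-separated octets, or in Cisco dotted form.
MAC_RE = re.compile(r"\b(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}\b"
                    r"|\b(?:[0-9A-Fa-f]{4}\.){2}[0-9A-Fa-f]{4}\b")

def normalize(mac):
    """Return the MAC as lowercase colon-separated octets."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def virtual_role(mac):
    """Identify well-known first-hop-redundancy virtual MACs, else None."""
    if mac.startswith("00:00:5e:00:01:"):
        return "VRRP virtual MAC, VRID %d" % int(mac[-2:], 16)
    if mac.startswith("00:00:0c:07:ac:"):
        return "HSRPv1 virtual MAC, group %d" % int(mac[-2:], 16)
    if mac.startswith("00:00:0c:9f:f"):
        # HSRPv2 encodes a 12-bit group number in the last three hex digits.
        return "HSRPv2 virtual MAC, group %d" % int(mac[13] + mac[15:], 16)
    return None

def map_macs(text, inventory):
    """Map each MAC seen in `text` to a unit from the Layer 2 diagram."""
    known = {normalize(m): unit for m, unit in inventory.items()}
    result = {}
    for raw in MAC_RE.findall(text):
        mac = normalize(raw)
        result[mac] = (known.get(mac) or virtual_role(mac)
                       or "UNKNOWN: add to diagram")
    return result

# Constructed inventory and capture text (hypothetical, not FortiGate output).
INVENTORY = {"00-09-0F-AA-BB-01": "FGT port1 (internal)",
             "0009.0faa.bb02": "core switch"}
SAMPLE = """\
host 00:09:0f:aa:bb:01 seen on internal
host 00:09:0f:aa:bb:02 seen on external
host 00:00:5e:00:01:0a seen on external
host 00:00:0c:9f:f0:14 seen on external
host 02:11:22:33:44:55 seen on internal
"""

if __name__ == "__main__":
    for mac, unit in map_macs(SAMPLE, INVENTORY).items():
        print(mac, "->", unit)
```

Any address reported as UNKNOWN is one that still needs to be added to the diagram before the trace is handed to support.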

 

Interface details:

 

config system interface
show full-configuration
end

 

Sniffer traces:

 

When there are traffic problems, take two sniffer traces simultaneously, one on the internal interface and one on the external interface. Both traces must be captured at verbosity level 3.

 

diagnose sniffer packet any "" 3 0 a