Description | This article describes why DNS traffic does not appear in the debug output when a source interface is set for DNS and HA-direct is enabled. |
Scope | FortiGate versions 6.4, 7.0, and 7.2 and above. |
Solution |
When HA-direct is turned on in the HA configuration and a source interface is set in the DNS configuration, DNS traffic is not visible in the debug going out the configured port.
When a DNS query is made, the debug sniffer does not show any traffic.
To solve this issue, remove the source interface setting from the DNS configuration when HA-direct is enabled on the FortiGate. DNS traffic is then sent out the expected port and is visible in the debug sniffer. |
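The change described above, sketched as FortiOS CLI (an added example, not taken from the original article). It assumes that "set source interface" refers to the `interface-select-method specify` / `interface` pair under `config system dns`; `port1` and the hostname are placeholders.

```text
# Constructed example; "port1" and www.example.com are placeholders.

# Combination described above: HA-direct on, DNS pinned to an interface
config system ha
    set ha-direct enable
end
config system dns
    set interface-select-method specify
    set interface "port1"
end

# Change: remove the pinned interface from the DNS settings
config system dns
    set interface-select-method auto
end

# Check: start the sniffer for DNS on all interfaces, then trigger a
# lookup from a second CLI session and confirm packets are displayed
diagnose sniffer packet any 'port 53' 4
execute ping www.example.com
```

Sniffing on `any` rather than on a single port shows which interface the queries actually leave from.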