FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
dgough
Staff
Staff
Article Id 350621
Description This article describes how to analyze FortiLink communication using the CLI command. 
Scope FortiGate.
Solution

FortiLink is a feature used in Fortinet’s security fabric to connect FortiSwitches to FortiGates. SSH into the FortiGate and run the following command: 

 

diagnose debug console timestamp enable 

diagnose debug application fortilink <level>  1 to 4 (higher numbers provide more detailed output). 

diagnose debug enable  

diagnose debug disable <----- Execute the when finished.

 

Caution:

Debugging can generate a large amount of output and may affect performance. Always advisable to run commands during maintenance windows.

 

Output:

 

2024-10-19 09:03:51 591s:749ms:448us flp_send_pkt[460]:pkt-sent {type(5) flag=0x1ac2 node(internal6) sw(internal6) len(26)smac: 4:d5:90:80:85:4c dmac:70:4c:a5:ab:3d:d0 

Fortilink.png

 

Note:

The above will display output <level>  1: (minimal output)

 

Upon analyzing the debug logs related to network activity, it is evident that a packet is being transmitted from the device.

The number within the parentheses denotes a specific category of packet or protocol. These categories encompass different network protocols like data packets, control messages, or management traffic.

 

pkt-sent: This field indicates that the device is sending out packets.
type(5): A specific packet or protocol type.

 

  • The reference to 'node(internal6)' likely pertains to a particular network node or interface within the FortiGate. The 'internal6' is an internal interface.
  • The reference to 'sw(internal6)' indicates the corresponding switch or virtual switch interface associated with the internal6 node. This signifies that the FortiGate is overseeing a switch interface that aligns with the internal network.
Contributors