| Solution |
- To run a debug flow in FortiGate GUI, go to Network -> Diagnostics and select the Debug Flow tab.
- By default, the number of packets is 100, maximum is 1000.
- Enable the filter, and there will be two filter types.
- For filter types 'Basic', it is possible to filter by IP address, Port, and Protocol.
- For filter types 'Advanced', it is possible to filter by Source IP, Source port, Destination IP, Destination port, and Protocol.
- Once the filter has been configured, select 'Start debug flow' to start the debug. The debug messages are visible in real-time.
- It is possible to stop the debug flow by selecting 'Stop debug flow' or wait for it run until number of packets that had define.
- It is possible to save the output in CSV format.
- The output can be filtered by 'Time', 'Message', and 'Function field'.
To run the debug flow in the Firewall CLI, use the following command:
diagnose debug reset
diagnose debug flow trace stop
diagnose debug flow filter clear
diagnose debug flow filter addr 10.10.10.10 <- Source/destination IP.
diagnose debug flow filter port 443
diagnose debug flow show function-name enable
diagnose debug console timestamp enable
diagnose debug flow trace start 1000
diagnose debug enable
To stop the debug, run the following command:
diagnose debug disable
diagnose debug reset
Related document:
Embed real-time debug flow tool on Diagnostics page
Note: By default duration is 30 minutes, if it is desired to increase or decrease the time, refer to the article below:
Technical Tip: Changing debug duration
|
