Hassan97wsh
Staff
Article Id 424362
Description
This article describes how to resolve an issue where the FSSO Collector Agent (CA) stops sending new logged-on users and its debug log shows the error message 'packet size too big'.
Scope
FortiGate configured with FSSO, where the FSSO user filter is configured on the FortiGate (local FSSO filter).
Solution

This issue is usually caused by a high number of individual users and user groups selected in the FortiGate local FSSO filter.

FSSO collector agent logs:

12/23/2025 00:04:48 [ 5740] FortiGate connection accepted, no auth check.
12/23/2025 00:04:48 [ 5740] FortiGate:FGXXXXXXXXXXXXXX-root connected on socket (4852).
12/23/2025 00:04:48 [ 5740] send AUTH, len:26
12/23/2025 00:04:48 [ 5740] ready to read from socket
12/23/2025 00:04:48 [ 5740] packet size too big:1073804
12/23/2025 00:04:48 [ 5740] reset connection 0

 

To resolve this issue, deselect unnecessary users and groups from the filter. Select only the users and groups that will be referenced in a firewall policy.
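To see which FortiGate is triggering the error, and to confirm that it stops after the filter is trimmed, the collector agent log can be scanned for the pattern shown above. The following is an added example, not part of the original article or Fortinet's tooling; it assumes the line layout of the excerpt above and that the bracketed number identifies the worker handling the connection.

```python
import re
from collections import Counter

# Line layout assumed from the collector agent excerpt in this article:
#   MM/DD/YYYY HH:MM:SS [ <id>] <message>
LINE = re.compile(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) \[\s*(\d+)\] (.*)$")
CONNECTED = re.compile(r"^FortiGate:(\S+) connected on socket")
TOO_BIG = re.compile(r"^packet size too big:(\d+)")

def find_oversize_events(lines):
    """Return one record per 'packet size too big' line, tagged with the
    FortiGate that most recently connected under the same bracketed id."""
    peer_by_id = {}  # bracketed id (assumed worker id) -> last FortiGate seen
    events = []
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or differently formatted line
        ts, worker, msg = m.groups()
        connected = CONNECTED.match(msg)
        if connected:
            peer_by_id[worker] = connected.group(1)
            continue
        too_big = TOO_BIG.match(msg)
        if too_big:
            events.append({"time": ts,
                           "fortigate": peer_by_id.get(worker, "unknown"),
                           "size": int(too_big.group(1))})
    return events

def summarize(events):
    """Count rejected packets per FortiGate name."""
    return Counter(e["fortigate"] for e in events)

# Constructed sample: the article's excerpt plus a made-up second reconnect.
SAMPLE = """\
12/23/2025 00:04:48 [ 5740] FortiGate connection accepted, no auth check.
12/23/2025 00:04:48 [ 5740] FortiGate:FGXXXXXXXXXXXXXX-root connected on socket (4852).
12/23/2025 00:04:48 [ 5740] send AUTH, len:26
12/23/2025 00:04:48 [ 5740] ready to read from socket
12/23/2025 00:04:48 [ 5740] packet size too big:1073804
12/23/2025 00:04:48 [ 5740] reset connection 0
12/23/2025 00:05:18 [ 5740] FortiGate:FGXXXXXXXXXXXXXX-root connected on socket (4860).
12/23/2025 00:05:18 [ 5740] packet size too big:1073804
12/23/2025 00:05:18 [ 5740] reset connection 0
"""

if __name__ == "__main__":
    for name, count in summarize(find_oversize_events(SAMPLE.splitlines())).items():
        print(f"{name}: {count} oversized packet(s) rejected")
```

A FortiGate that keeps reappearing in this summary after the filter change still has too many users or groups selected.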

 

Related documents:

How to read FSSO CA debug logon events - Fortinet Community

FSSO group filtering based upon OU - Fortinet Community