Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
caunon
Staff
Staff

Created on ‎02-19-2023 10:04 PM Edited on ‎02-19-2023 10:04 PM By Community Manager

Article Id 246348

Technical Tip: How to check VRRP sessions

Description

This article describes that In some scenarios, it is necessary to check the session details of VRRP (Virtual Router Redundancy Protocol) to investigate further issues.
Scope

FortiGate.
Solution

-To investigate VRRP sessions in FortiGate, use the CLI commands below to investigate VRRP further sessions:

 

FGT # diagnose sys session list | grep proto=112 -A 15

 

Example:

 

FGT # diagnose sys session list | grep proto=112 -A 15

 

session info: proto=112 proto_state=00 duration=599 expire=4 timeout=0 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/0
state=log dirty local may_dirty
statistic(bytes/packets/allow_err): org=160/4/1 reply=0/0/0 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->in, reply out->post dev=22->0/30->22 gwy=0.0.0.0/0.0.0.0
hook=pre dir=org act=noop 10.15.45.45:0->224.0.0.18:0(0.0.0.0:0)
hook=post dir=reply act=noop 224.0.0.18:0->10.15.45.45:0(0.0.0.0:0)
src_mac=15:15:15:00:01:04
misc=0 policy_id=95 pol_uuid_idx=0 auth_info=0 chk_client_info=0 vd=0
serial=000003bf tos=00/00 app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=00000000
--
session info: proto=112 proto_state=00 duration=599 expire=4 timeout=0 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/0
state=log dirty local may_dirty
statistic(bytes/packets/allow_err): org=160/4/1 reply=0/0/0 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->in, reply out->post dev=19->0/30->19 gwy=0.0.0.0/0.0.0.0
hook=pre dir=org act=noop 10.15.65.45:0->224.0.0.18:0(0.0.0.0:0)
hook=post dir=reply act=noop 224.0.0.18:0->10.15.65.45:0(0.0.0.0:0)
src_mac=15:15:15:45:01:01
misc=0 policy_id=95 pol_uuid_idx=0 auth_info=0 chk_client_info=0 vd=0
serial=000003ba tos=00/00 app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=00000000
--
session info: proto=112 proto_state=00 duration=599 expire=4 timeout=0 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/0
state=log dirty local may_dirty
statistic(bytes/packets/allow_err): org=160/4/1 reply=0/0/0 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->in, reply out->post dev=5->0/30->5 gwy=0.0.0.0/0.0.0.0
hook=pre dir=org act=noop 10.15.61.45:0->224.0.0.18:0(0.0.0.0:0)
hook=post dir=reply act=noop 224.0.0.18:0->10.15.61.45:0(0.0.0.0:0)
src_mac=15:15:15:45:01:09
misc=0 policy_id=95 pol_uuid_idx=0 auth_info=0 chk_client_info=0 vd=0
serial=000003bd tos=00/00 app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=00000000
--
session info: proto=112 proto_state=00 duration=599 expire=4 timeout=0 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/0
state=log dirty local may_dirty
statistic(bytes/packets/allow_err): org=160/4/1 reply=0/0/0 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->in, reply out->post dev=26->0/30->26 gwy=0.0.0.0/0.0.0.0
hook=pre dir=org act=noop 10.15.64.55:0->224.0.0.18:0(0.0.0.0:0)
hook=post dir=reply act=noop 224.0.0.18:0->10.15.64.55:0(0.0.0.0:0)
src_mac=15:15:15:45:01:05
misc=0 policy_id=95 pol_uuid_idx=0 auth_info=0 chk_client_info=0 vd=0
serial=000003c2 tos=00/00 app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=00000000
--
session info: proto=112 proto_state=00 duration=599 expire=3 timeout=0 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/0
state=log dirty local may_dirty
statistic(bytes/packets/allow_err): org=160/4/1 reply=0/0/0 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->in, reply out->post dev=10->0/30->10 gwy=0.0.0.0/0.0.0.0
hook=pre dir=org act=noop 15.15.15.15:0->224.0.0.18:0(0.0.0.0:0)
hook=post dir=reply act=noop 224.0.0.18:0->15.15.15.15:0(0.0.0.0:0)
misc=0 policy_id=95 pol_uuid_idx=0 auth_info=0 chk_client_info=0 vd=0
serial=000003c4 tos=00/00 app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=00000000
no_ofld_reason: local
1085
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.