FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes the case when using DOS policies, and these ones are being triggered during the file transfer.
FileCatalyst is a Client/Server solution that allows file transfers over UDP(8000-8999). This can trigger the UDP Flood threshold on the default settings of Fortigate's IPv4 DOS Policy causing FortiGate to drop the UDP sessions, causing the slow speed in the file transfer.
In this scenario, the uploads are done from outside, using a VIP, and the FileCatalyst is on the Firewall DMZ.
FortiGate version 6.2.x, 6.4.x, 7.0.x, 7.2.x and above.
FileCatalyst uses the following ports for data transfers (8000-8999) TCP and UDP, and TCP port(21) to control connection, this is the most important ones.
For a complete list of ports, verify the link below:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.