FortiGate
wcruvinel
Staff
Article Id 405880
Description

This article describes a software issue that causes packet loss, authentication failures, and session drops when using interfaces of type 'redundant' on specific FortiGate models and FortiOS versions.

Scope

FortiGate-70/71G, 90/91G v7.4.7 and v7.4.8.

Solution

Symptoms of the problem:

  1. Packet loss.
  2. Authentication failures.
  3. Session drops.
  4. Unable to connect via SSH.

These symptoms occur only for traffic whose source or destination passes through an interface configured as 'redundant'.


Reproduction scenarios:


Scenario 1:

After upgrading from v7.2.11 or v7.4.7 to v7.4.8, FortiGate-70/71G and 90/91G with interfaces of type 'redundant' may experience packet loss and disconnections (poor quality, failure to establish TCP connections such as SSH).


Scenario 2:

On v7.4.7 and v7.4.8, after an unexpected power loss and reboot, FortiGate-70/71G and 90/91G with interfaces of type 'redundant' may experience packet loss and disconnections until the device is rebooted again.

 

Workarounds are currently available.

 

Workaround 1:

Disable auto-asic-offload in the firewall policy to resolve the issue in v7.4.8. This may cause performance degradation.

 

config firewall policy
    edit <id>
        set auto-asic-offload disable
end
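
To find the policies that Workaround 1 applies to, the following added example (not part of the original article and not Fortinet code) reads a configuration backup, collects interfaces of type 'redundant', and lists the firewall policies that reference them without 'set auto-asic-offload disable'. It assumes a single-VDOM backup, object names without spaces, and that VLANs built on a redundant interface are affected as well; policies that reach the interface through a zone or 'any' are not resolved, and SAMPLE is constructed.

```python
# Constructed sample in FortiOS backup syntax; interface names and policy IDs are made up.
SAMPLE = '''
config system interface
    edit "red1"
        set type redundant
    next
    edit "vlan20"
        set interface "red1"
    next
end
config firewall policy
    edit 1
        set srcintf "red1" "vlan20"
        set dstintf "wan1"
    next
    edit 2
        set srcintf "wan1"
        set dstintf "vlan20"
        set auto-asic-offload disable
    next
end
'''

def parse_tables(text, wanted):
    """Return {table: {entry: {key: [values]}}} for top-level 'config <table>' blocks."""
    tables, depth, table, entry = {}, 0, None, None
    for raw in text.splitlines():
        tok = [w.strip('"') for w in raw.split()] or [""]  # assumes names without spaces
        if tok[0] == "config":
            depth += 1
            if depth == 1 and " ".join(tok[1:]) in wanted:
                table = tables.setdefault(" ".join(tok[1:]), {})
        elif tok[0] == "end":
            depth -= 1
            table = table if depth else None
        elif table is not None and depth == 1 and tok[0] == "edit":
            entry = table.setdefault(tok[1], {})
        elif table is not None and depth == 1 and tok[0] == "set":
            entry[tok[1]] = tok[2:]
    return tables

def policies_needing_workaround(text):
    """Policies that use a redundant interface and do not disable auto-asic-offload."""
    t = parse_tables(text, {"system interface", "firewall policy"})
    ifaces = t.get("system interface", {})
    hit = {n for n, a in ifaces.items() if a.get("type") == ["redundant"]}
    # Assumption: a VLAN on top of a redundant interface carries the same traffic.
    hit |= {n for n, a in ifaces.items() if set(a.get("interface", [])) & hit}
    return [(pid, sorted(used)) for pid, a in t.get("firewall policy", {}).items()
            if (used := set(a.get("srcintf", []) + a.get("dstintf", [])) & hit)
            and a.get("auto-asic-offload") != ["disable"]]
```

For the constructed SAMPLE, policies_needing_workaround(SAMPLE) returns [('1', ['red1', 'vlan20'])]: policy 1 still needs the workaround, while policy 2 already has it.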

        

Workaround 2:

Change the interface type from 'redundant' to 'aggregated'. To perform the workaround, follow this KB article: Technical Tip: Changing interface type from 'Redundant' to 'Aggregate'

 

Workaround 3:

Use a single interface if aggregation is not required.

 

Solution:

The permanent fix will be implemented in v7.4.9 and v7.6.4.