In FortiOS 7.4.2 an authorization check was introduced for iPerf clients, due to the utilization of speedtest-server feature for ADVPN (Speed tests run from the hub to the spokes in dial-up IPsec tunnels - FortiGate 7.0.0 new features). Thanks to that, it is longer possible to test bandwidth between FortiGates as the speed-test check until FortiOS 7.4.8. Since FortiOS 7.4.8+ it is possible to run an iperf server locally and a regular iPerf client can be used as well.

In FortiOS versions older than 7.4.8, the following error is returned when trying to run the iperf server:

fgtiperfserver_olderversion# diagnose traffictest run -s
iperf3: parameter error - cannot be both server and client

In FortiOS versions older than 7.4.2, the only possibility to run an iPerf server is by configuring and running the commands below:

config system global   
   set speedtest-server enable
end

config system interface
    edit "port1"   
        set allowaccess ping https ssh http speed-test
    next

end

And then run the following on a client FortiGate:

diagnose traffictest run -c <FortiGate server IP>

Or use an iPerf3 client:

iperf3 -c <FortiGate server IP>