FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ssanga
Staff
Staff
Article Id 370198
Description

This article describes an issue observed after upgrading FortiGate to v7.6.1, where the SD-WAN Performance SLA 'Default_DNS' incorrectly shows 'All Participants of Default_DNS Are Down.'

Scope

FortiGate v7.6.1

Solution

After upgrading the FortiGate to v7.6.1, the 'Default_DNS' Performance SLA displays the message 'All Participants of Default_DNS Are Down.'

 

PerfSLA.png

 

SLA details do not show any statistics.

 

SLADetails.png

 

Debugging the link monitor reveals that no probes are being sent from the FortiGate. Despite this, the associated routes remain present in the active routing table.

 

This issue has been resolved in v7.6.3 (scheduled to be released in March 2025). These timelines for firmware release are estimates and may be subject to change.

 

General debug information required by FortiGate TAC for investigation:

 

  1. Debugs:

 

diagnose sys sdwan health-check

diagnose sys sdwan sla-log Default_DNS 1

diagnose sys sdwan sla-log Default_DNS 2

diagnose debug application link-monitor -1

diagnose debug enable

<wait for 30 seconds>

diagnose debug disable

 

  1. TAC Report:

execute tac report

 

  1. Configuration file of the FortiGate.
  2. FortiGate Support Tool data: Troubleshooting Tip: Collect GUI slowness and errors debugs via FortiGate Support Tool
Contributors