FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 307541

This article describes how to fix if the Ookla speed test is not running on devices behind FortiGate.

Scope FortiGate v7.0+.

If the speed test by Ookla is running on site and just says 'connecting',  it may be an issue with the firewall policy.


The speed test uses port 5060 and port 8080, so it needs to be allowed in the firewall policy for the test to run.

It is also necessary to allow port 443 and ICMP for the test to work.


To add that to the firewall policy, create a service object under Policy & Objects -> Services, select ‘Create New’, and then ‘Service’.

In Destination port, type 5060 in low and high. To create one object for both, select the ‘+’ option and add the second port number 8080 as shown below:




Alternatively, it is also possible to create separate service objects for both.


Once created, go to Policy & Objects-> Firewall Policy, select the policy that is for this traffic, and add this service object under Service. In addition to this, also add HTTPS, ICMP, and DNS to the service rule as shown below:





Try to run the test again. It should work properly.


Related document: