Technical Tip: Unable to connect to the iPerf server hosted by the FortiGate on v7.4.2+

johnathan · ‎11-19-2024

Description

This article describes why regular iPerf clients cannot connect to the FortiGate when using a version above v7.4.2.

Scope

FortiGate v7.4.2+.

Solution

In v7.4.2, there was a change made that requires authorization for each iPerf client when a test is attempted. This authorization check is proprietary and not currently supported by any iPerf client. More details on the authorization check can be seen here: SD-WAN hub and spoke speed test improvements 7.4.2

The FortiGate below is on a version above 7.4.2. When taking a 'speedtestd' debug, the error 'test failed: unauthorized test(142)' is visible.

Mz_FortiGate-60F # diagnose debug application speedtestd -1

Mz_FortiGate-60F # diagnose debug enable

Mz_FortiGate-60F # [speedtest(315)::serv(0054)] auth result: 3, uuid=74693337-3277-6877-7872-6e376761666a, peerv4=0.0.0.0
[speedtest(315)::serv(0192)] test failed: unauthorized test(142)
[speedtest(315)] server listening on 5201 (fd=5)

diagnose debug application speedtestd -1.png

The test on the client side fails with 'error - control socket has closed unexpectedly':

.\iperf3.exe -c 100.64.0.1 --debug
Reading new State from the Server - current state is 0-Test reset
All threads stopped
iperf3: error - control socket has closed unexpectedly

The FortiGate below is on v7.4.1. The 'speedtestd' debug shows the test succeeds, and the same is seen on the client side.

Related article:

Troubleshooting Tip: Configure FortiGate as speed test (iperf) server

Technical Tip: Unable to connect to the iPerf server hosted by the FortiGate on v7.4.2+

You are leaving our website