FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 305676

This article describes that when a FortiGate device set up as an iPerf Client attempts to connect to another FortiGate device running v7.4.3 and configured as a Speed Test server, the traffictest command on FortiGate iPerf Client produces the following error messages:


iperf3: error - control socket has closed unexpectedly
iperf3: interrupt - the server has terminated




FortiGate 90E-------internet---------FortiGateVM


  • FortiGate-90E is acting as an iPerf Client.
  • The speed test server is enabled on FortiGate-VM.




A sniffer on FortiGate-VM shows that the connection is closed with a 'FIN'.


Scope FortiGate v7.4.3.

FortiGate acting as a speed test server is not a standard iPerf server and should not be used for traffic testing.

FortiGate traffictest and speedtest server functions are not designed to be connected. For information on how to use the speedtest server, refer to the following documentation:

Speed tests run from the hub to the spokes in dial-up IPsec tunnels 7.0.1


The traffictest function is intended for:

  1. Testing internal traffic between two ports on the same FortiGate, for example, to test throughput between the VLAN/LAN interface and WAN1.




  1. To connect with an external iperf server.


As of v7.4.3, an additional layer of authentication is included and performed during communications between the speedtest server and the client. If a traffictest client attempts to connect to the same port as the speedtest server on FortiGate, the authentication will fail.

The connection closes with a 'FIN' to the FortiGate iperf Client. Fortinet recommends the use of a dedicated instance of iperf server which is publicly/locally hosted for Iperf testing.