By default, the feature is disabled.

Related document:

New features or enhancements

Active Detection will be triggered when:

1. System start.
2. miglogd restart.
3. The interface status changed to up.
4. New interface with a valid IP.
5. Interface gets IP from the DHCP server or else.
6.  Interface IP is edited by the user.

Alongside the above, the firewall will keep monitoring the Gratuitous ARP packet, and if a device connected to FortiGate is trying to use an IP address that is already in use, a log will be generated.

In the lab firewall, set the ip-conflict-detection to enable:

kvm25 # config  system global  

kvm25 (global) # set ip-conflict-detection enable

kvm25 (global) # 
kvm25 (global) # end

Tried to change the IP of the firewall on port3 to the same as one of the machine's IPs connected to the firewall interface port3. Once the IP conflict is detected, the firewall generates a log at Log&Report -> System Events -> General System Events as below:

date=2024-12-25 time=04:23:26 eventtime=1735129406434351939 tz="-0800" logid="0100032701" type="event" subtype="system" level="error" vd="root" logdesc="Detected IP conflicts on FGT interfaces." msg="Duplicate IP address 10.171.5.9X of MAC 00:7X:6e:69:0X:0X was detected on interface port3, also in use by port3 (00:6X:61:78:1X:0X)"