FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
FrankY1
Staff
Staff
Article Id 335780
Description This article describes how to troubleshoot system probe response issues.
Scope FortiGate.
Solution
  1. Check the daemon status:
    The probe is handled by the daemon 'sla_probe', use the command 'diagnose system top' to check the daemon status. If the daemon is not in the correct state, restart the daemon. 

  2. Run the flow debugs for the ingress probe traffic.
    Debug flow result should show the ingress probe traffic received on the correct interface, match local-in-policy, and get allowed. 
    If the traffic is getting dropped, configure a local-in-policy to allow the traffic.

  3. Debug the application 'server-probe', and observe the behavior in the output. When successful, the application receives the probe request, and then sends a response to it with HTTP 200 message 'OK'. This message can be seen when running a CURL test from a client.


FGT # dia de app server-probe -1
Debug messages will be on for 30 minutes.
FGT # dia de en
FGT # [sla_response_rcv:345] accepted connection from 192.168.1.100: 53094
[sla_response_rcv_client:314] receivd a probe request from 192.168.1.100:53094
[sla_response_snd_client:232] sent response to 192.168.1.100 with value HTTP/1.1 200 OK
Content-Length: 2
OK
[sla_response_rcv_client:288] Peer(192.168.1.100:53094) closed normally.