Troubleshooting Tip: VLAN Interface Used in IPsec, SSL VPN, or SD-WAN Configuration is not displayed in GUI after a firmware upgrade to FortiOS v7.4.4 or v7.6.0

ssanga · ‎10-21-2024

Description

This article describes a known issue where FortiGate fails to display a VLAN interface used in IPsec, SSL VPN, or SD-WAN. It is not displayed on the interface list or the SD-WAN page and cannot be configured in the GUI after a firmware upgrade.

Scope

FortiGate v7.4.4, v7.6.0

Solution

After upgrading FortiGate to FortiOS v7.4.4 or v7.6.0, the VLAN interface is not visible under Interfaces, SD-WAN Zones, or Firewall Policies in the GUI.

Sample CLI config:

config system interface

edit "Internet_Inter"

set vdom "root"

set ip 192.168.1.1 255.255.255.248

set interface "port17"

set vlanid 135

config members

edit 2

set interface "Internet_Inter"

set gateway 192.168.1.6

config firewall policy

edit 0

set srcintf "Internet_Inter"

set dstintf "v10"

set srcaddr "all"

set dstaddr "all"

set schedule "always"

set service "ALL"

set logtraffic disable

The VLAN interface 'Internet_Inter' configured on port17 is not displayed under the following:

Interfaces:

SD-WAN-Zone:

Firewall Policy:

This issue has been resolved in v7.4.8.

Workaround:

Use the CLI to configure or validate the configuration. Logs required by FortiGate TAC for investigation.

TAC Report:

execute tac report

The configuration file of FortiGate.
Fortinet Support Tool Data.
Debugs:

diagnose debug application httpsd -1
diagnose debug enable

Load the FortiGate GUI/web pages and reproduce the issue:

diagnose debug disable

Troubleshooting Tip: VLAN Interface Used in IPsec, SSL VPN, or SD-WAN Configuration is not displayed in GUI after a firmware upgrade to FortiOS v7.4.4 or v7.6.0

You are leaving our website