Created on 09-29-2021 12:21 AM Edited on 08-02-2022 08:35 AM By Anonymous
Description
This article describes the SD-WAN monitor feature and how to troubleshoot the issues related to them.
Solution
After the configuration of the SD-WAN template, the units added in the template can be monitored by
Device Manager -> SD-WAN -> Monitor.
- The data can be monitored via 2 ways: 'Map View' and 'Table View'.
- By default the historical data is disabled. By enabling 'sdwan-monitor-history' historical data of last 8 days can be fetched.
# config system admin settingTroubleshooting.
set sdwan-monitor-history enable
end
- For issues in the Map view visibility, first verify if are able to reach the map server
# diagnose system mapserver testExample output:
* Trying 208.91.114.183:443...If the map server is not reachable make sure the DNS is resolving the domain and the port is open and allowed
* TCP_NODELAY set
* Connected to mapserver.fortinet.com (208.91.114.183) port 443
- Make sure in the FortiGate, the below settings are configured:
1) From FortiGate CLI.
Performance SLA logs are generated at specific time period as defined by the below commands:
# config system virtual-wan-link- Also verify whether the monitored interface is set with the role as WAN
# config health-check
edit <name>
set sla-fail-log-period 30
set sla-pass-log-period 60
next
end
end
Go to Network -> Interfaces -> Edit -> Role -> WAN and select 'Apply'.
2) FortiManager Debug Chrome and CLI:
https://chrome.google.com/webstore/detail/fortimanagerfortianalyzer/dhdlbdcjpkjngafjclfegbbcajbfhlac
# config system dmThen restart the fgfm tunnel:
set fgfm-sock-timeout 90
set fgfm_keepalive_itvl 30
end
# diagnose sys process killall fgfmFmg Debug:
# diag debug reset
# diagnose debug service sys 255
# diag debug en
refresh the problematic SDWAN page
# diag debug disable
Related KB articles:
Technical Tip: FortiView Secure SD-WAN Monitor
Technical Tip: New Logic of SD-WAN templates
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.