FortiMonitor
FortiMonitor is a holistic, SaaS-based digital experience and network performance monitoring solution which combines monitoring, network incident management, automation, and network configuration management into a single source of truth
RobB22
Staff
Article Id 206419
Description: This article describes troubleshooting for Network Check Failures.
Scope: FortiMonitor OnSight Collector
Solution

This approach requires logging into the OnSight Collector via SSH.  All steps assume this connection has been established.

 

If a check executed against a network device fails, it is often a traffic issue and not necessarily a device issue.  Checking for traffic controls between the network device and the OnSight Collector, as well as any controls between the OnSight Collector and the FortiMonitor aggregation server may indicate where the issue resides.

 

Common Issues:

  1. No logical network path - one IP address does not have a valid path to another IP address
  2. Access Control - regulated by firewalls, advanced switching, and other networking devices, traffic may be restricted to a certain part of the network.  Additionally, some traffic types may be restricted and prevented from flowing inbound, outbound, or both.
  3. Device Configuration - some devices require that certain communication channels or protocols be activated or configured.

1. Verify Basic Connectivity

Ping the desired host to confirm basic reachability.

  1. Obtain the IP address of the desired host.
  2. Run the following command, substituting the host IP address for 10.10.10.10.
    ping 10.10.10.10
     Successful ping replies will look similar to the data in the block below, whereas failed connections will note a failure reason (e.g. "Host Unreachable", "Timed Out", etc.). If the ping fails, there may be a connection or access control issue on the network.
    64 bytes from 10.10.10.10: icmp_seq=1 ttl=93 time=14.7 ms
     If the desired host is referenced by a domain ID (e.g. "Computer 1"), verify that DNS resolves it correctly by pinging the domain ID in place of the IP address. In the example below, fortinet.com is used in place of a local DNS entry.
    ubuntu@ip-173-1-0-151:~$ ping fortinet.com
    PING fortinet.com (54.70.126.22) 56(84) bytes of data.
    64 bytes from ec2-54-70-126-22.us-west-2.compute.amazonaws.com (54.70.126.22): icmp_seq=1 ttl=38 time=48.0 ms
     If this second ping fails to resolve, there may be a communication issue between the OnSight Collector and the client DNS server.

2. Verify FortiMonitor Server Connectivity

Run a curl command to verify that the OnSight Collector can reach the FortiMonitor remote aggregation server. In the block below, line 1 is the command and line 2 is the output it should return. If this fails to resolve, there may be an issue with the DNS resolver failing to reach the aggregation server. Alternatively, access restrictions on incoming traffic may prevent the return from the aggregator to OnSight.

ubuntu@ip-173-1-0-63:~# curl https://aggregator2.panopta.com/v2/hello
{"hello": "world", "timestamp": 1646754856}

 

3. Check Internal Network and Device Configuration

Refer to FortiMonitor OnSight documentation for details regarding which ports and protocols are in use by the OnSight Collector.  Verify the internal network and device configurations are compatible with these requirements.  
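
The checks in steps 1 and 2 can be run in sequence so that the first failing layer is named. The script below is an added example, not Fortinet code; the script name triage.sh, the variables HOST_IP, HOST_NAME and AGG_URL, and the function names are assumptions, and it assumes the Linux ping and curl available on the collector.

```shell
#!/bin/sh
# Added example (not Fortinet code): run this article's checks in order on the
# OnSight Collector and name the first layer that fails.
HOST_IP="${HOST_IP:-10.10.10.10}"        # placeholder IP from the article
HOST_NAME="${HOST_NAME:-fortinet.com}"   # stand-in for a local DNS entry
AGG_URL="${AGG_URL:-https://aggregator2.panopta.com/v2/hello}"

# hello_ok BODY: succeed only if BODY has the shape of the aggregator reply,
# so a proxy or filter page returned in its place is not counted as success.
hello_ok() {
    printf '%s' "$1" | grep -Eq '"hello": *"world"' &&
        printf '%s' "$1" | grep -Eq '"timestamp": *[0-9]+'
}

# diagnose PING_IP PING_NAME CURL HELLO: exit codes in, first failing layer out.
diagnose() {
    if [ "$1" -ne 0 ]; then
        echo "path: no reply from host IP; check routing and access control"
    elif [ "$2" -ne 0 ]; then
        echo "dns: IP replies but name does not; check OnSight to DNS server"
    elif [ "$3" -ne 0 ]; then
        echo "aggregator: curl failed; check DNS resolver and traffic restrictions"
    elif [ "$4" -ne 0 ]; then
        echo "reply: curl succeeded but body is not the expected hello JSON"
    else
        echo "ok: host, DNS and aggregator checks passed; review step 3"
    fi
}

# run_checks: perform the live probes (Linux iputils ping and curl assumed).
run_checks() {
    p_ip=0; p_name=0; c=0; h=0
    ping -c 3 -W 2 "$HOST_IP" >/dev/null 2>&1 || p_ip=$?
    ping -c 3 -W 2 "$HOST_NAME" >/dev/null 2>&1 || p_name=$?
    body=$(curl -fsS --max-time 10 "$AGG_URL" 2>/dev/null) || c=$?
    hello_ok "$body" || h=$?
    diagnose "$p_ip" "$p_name" "$c" "$h"
}

# Probe the network only when invoked as: sh triage.sh run
if [ "${1:-}" = "run" ]; then
    run_checks
fi
```

Set HOST_IP and HOST_NAME to the monitored device before running. A "path" result on a host that is known to be up usually means ICMP is being filtered between the collector and the device.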

 

Related Document: https://docs.fortinet.com/document/fortimonitor/22.1.0/user-guide/481297/ssh
