Thanks vjoshi. I just got a reply from FortiGate support. He suggests applying the config below:
config firewall policy
    edit <firewall policy ID>
        set timeout-send-rst enable
        set session-ttl <example: 300>    (default value is 0)
I haven't applied the change yet. I guess I will give it a try. However, I still don't quite get what the report is complaining about, since I see the ICMP/UDP sessions disappearing after the TTL count reaches 0.
The PCI report is a feature for v5.4. System > Advanced > Compliance.
It generates a report and a list of items for us to fine-tune.