Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fiesta
New Contributor III

Traffic going through fortigate unstable often timeout, but not when bypassed from fortigate

Hi,

 

Good day to you.

 

User experiencing unstable connection while going through fortigate but when bypassed from fortigate traffic is fine.

And I see many this info in wireshark between client and server or server to client when traffic going through fortigate in tcp stream.

 

[This frame is a (suspected) out-of-order segment]

[Previous segment(s) not captured (common at capture start)]

[This frame is a (suspected) retransmission]

 

Is this a potentially asymmetric or something else?

Client said there have tried to bypass UTM and all service port but still having timeout/unstable issue.

Thank you.
FW.

FWD~
FWD~
12 REPLIES 12
fiesta
New Contributor III

any traffic shaper along the way to server? or try using different interface from client <> fortigate

FWD~
FWD~
azmadhussain

Below action tried

  1. Traffic shaper apply then remove
  2. policy route applies to specific router IP 
  3. tcp mss size apply
  4. NP offload 

          edit 1
          set auto-asic-offload disable 

 

 

fiesta
New Contributor III

Maybe try bypassing all security profile? try direct on fortigate (client (iperf client) <> fortigate <> client (iperf server)) on the same/different interface? restart? upgrade os?

FWD~
FWD~
Labels
Top Kudoed Authors