Network outage after FGT and FortiSwitch are in place
I have a very strange situation.
I installed a FGT-51E and FSW-124E-FPOE with 6.2.3...
Since these systems have been running, users are reporting that they are sometimes kicked out of the network. RDP sessions are closed, programs which are running on the server are closed, etc. And that is happening while they are working.
Very strange. I configured a ping test and during the "outage" the ping did not stop.
I have no idea how to check what could be the root cause for that.
I configured two VLANs (office and server) and assigned them as native VLAN on the switch. Is this the correct way to do that?
On the firewall there is a policy which is allowing the traffic without any restrictions.
How many users / groups does your domain have?
I also tried the AD collector on a small domain (about 30 users and an FGT81E). And there was a very large increase in CPU load and traffic to/from the DC.
I set up a ticket then and it was explained to me:
The behavior you have described is rather normal as your Fortigate has to download all Windows event logs every few seconds and parse through them. The more event logs there are on your Domain Controllers, the more resources will be consumed on your Fortigate as unfortunately, this process is very intensive on resources. For this very reason, we provide FSSO Collector Agent that can be installed on your Domain Controllers or any other domain-joined PC, which will do the CPU intensive tasks for you. This is the recommended approach as the most CPU intensive tasks will be performed by your Windows Servers while your Fortigate can concentrate on Traffic related tasks.
Recommended resources:
FSSO cookbook: https://cookbook.fortinet...-advanced-mode-expert/
FSSO Agent modes: http://help.fortinet.com/...entication-54/FSAE.htm
FSSO Collector Agent download: https://support.fortinet....ad/FirmwareImages.aspx >> / FortiGate/ v6.00/ 6.0/ 6.0.2/ FSSO/
FortiOS Admin guide: https://docs.fortinet.com...ager-6.0.1-admin-guide >> Section "Agent-based FSSO"
So I went back to the proven model: DC Agent + Collector.