Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
annie31
New Contributor

BACnet Protocol Issue over VPN

I recently installed a 60F at one of our branch sites and am running IPsec tunnels back to HQ.

We have 2 Honeywell controllers for building management that run the BACnet protocol, and these seem to have stopped working over the VPN. These had been working fine over our Cisco DMVPN setup before installing the 60F.

We can ping the 2 BACnet controllers fine but are not receiving data from them. I have the correct rules in place and have removed any security profiles on the rules.

I thought it could be the MTU value being too high, but it's lower than the value we had on the previous tunnels.

Also to note, these did work for a period of days over the FGT but were flaky until 7.0.9 was installed, and now nothing!

Getting a bit of heat from Management to get this resolved ASAP.

Has anyone come across any BACnet issues like this before?

Cheers

FortiMax_it
Contributor

Hi, when traffic is active, does it pass to the correct policy? What do you see in the Forward log?

In the CLI, use debug flow to see which operations the FortiGate executes for your problematic source:

 

diagnose debug disable
diagnose debug flow trace stop
diagnose debug flow filter clear
diagnose debug reset
diagnose debug flow filter addr [IP] 
diagnose debug flow show console enable
diagnose debug flow show function-name enable
diagnose debug console timestamp enable
diagnose debug flow trace start 999
diagnose debug enable

 
