Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Created on ‎06-28-2009 03:08 AM

Connections drop randomly after upgrade.

Hi, After upgrading my FortiGate 60B from V3 MR7 patch 2 to a higher version (doesn' t matter which) the connections randomly drop. If I keep a ping running from internal to wan, and open a rdp connection to my home pc, all traffic stops for a moment. I tried updating and applying only a basic set of rules, but nothing works. Does anyone know a change in the software that could cause this behavior? Regards, Sander.
3365
0 Kudos
7 REPLIES 7
g3rman
New Contributor

Created on ‎06-28-2009 07:21 AM

Hi Sanderma, welcome to the forums. This is very unusual behaviour and has not been previously discussed as far as I am aware. Since you mention that this is a problem with various software versions I would suggest looking at all the interface settings such as speed and duplex on the firewall as well as the connected switches/routers. Sounds to me more like mismatch somewhere or a potential hardware problem with the firewall. Can you try testing between different interfaces? If there' s no difference and you can isolate the firewall by directly connecting some endpoints to each interface then I would RMA the unit.
A Real World Fortinet Guide Configuration Examples & Frequently Asked Questions http://firewallguru.blogspot.com
A Real World Fortinet Guide Configuration Examples & Frequently Asked Questions http://firewallguru.blogspot.com
2820
0 Kudos
Not applicable
In response to g3rman

Created on ‎06-29-2009 12:32 AM

Since you mention that this is a problem with various software versions I would suggest looking at all the interface settings such as speed and duplex on the firewall as well as the connected switches/routers. Sounds to me more like mismatch somewhere or a potential hardware problem with the firewall.
And indeed! The switch was set to 100 Mbit half duplex, and showed duplex errors. 
diagnose hardware deviceinfo nic wan1
didn' t show dropped packets, but that could be the MR7 patch 2 running (runs good). I will try to run V4 later on. Thanks for the useful tip.
2820
0 Kudos
lmuir
New Contributor

Created on ‎06-28-2009 06:45 PM

Same thing happened to mine after upgrade to MR7 P5. Didn' t worry too much about it since we are planning to go v4 shortly, which will hopefully not have the problem.
2820
0 Kudos
Not applicable
In response to lmuir

Created on ‎06-29-2009 12:11 AM

g3rman, thank you for the welcome I will check the switches for errors (didn' t thought of that )
Same thing happened to mine after upgrade to MR7 P5. Didn' t worry too much about it since we are planning to go v4 shortly, which will hopefully not have the problem.
Well, I tried the versions 4 build 92 and 99. They both had this " problem" . Won' t give up though.
2820
0 Kudos
Not applicable

Created on ‎06-29-2009 04:28 AM

I' d like to thank you. The connection is stable, so it seems MR7 patch 2 and before play nice with half duplex, but later versions don' t. Many thanks for the insight! Sanderma
2820
0 Kudos
g3rman
New Contributor

Created on ‎06-29-2009 07:18 AM

My recommendation is typically to set both devices to auto/auto and verify that they both negotiated the same parameters. If the switch was hardcoded to 100/half and the firewall was set for auto then you will run into the problems you described. The other option is to hard-code both devices. Did you know that hovering your mouse over the interfaces on the firewall status screen tells you what speed/duplex settings the interface is set to?
A Real World Fortinet Guide Configuration Examples & Frequently Asked Questions http://firewallguru.blogspot.com
A Real World Fortinet Guide Configuration Examples & Frequently Asked Questions http://firewallguru.blogspot.com
2820
0 Kudos
Not applicable

Created on ‎06-30-2009 06:00 AM

Hi g3rman, Yeah, I set both devices to auto. The pix didn' t like that way back though. And I didn' t know that I could check it that way, but luckily I' m not afraid of some googling and the CLI
2820
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.