An internal client tries to ping 126.96.36.199 with the -l 10000 parameter; after that, the Fortigate stops all functions (routing and switching) and kills all active sessions. When we fail over to the secondary Fortigate, it works fine. I have 3 WAN interfaces in an SD-WAN zone and it's load balancing internal sources to best effort. Also, there are no jumbo frames allowed or configured in backbones and edge switches.
Also tried to set "mtu 1492" on all interfaces, tried a DoS policy for the internal interface, and tried session-ttl "set default 300" (reverted to default).
Based on the information you have provided, it appears that the issue may be related to the size of the ICMP packets being transmitted. Since the Fortigate is stopping all functions and killing active sessions when the internal client pings 188.8.131.52 with a packet size of 10000, it's possible that the packet size is too large for the Fortigate to handle.
You mentioned that you have already tried adjusting the MTU size on all interfaces to 1492, but this did not resolve the issue. One potential solution could be to adjust the MTU size to a smaller value, such as 1400, to see if this resolves the issue.
Another potential solution could be to implement Quality of Service (QoS) policies to prioritize ICMP traffic, so that it does not cause disruption to other network functions.
It's also possible that the issue could be related to other factors, such as network congestion or misconfigured switches. It may be helpful to review the network topology and ensure that there are no other potential issues that could be contributing to the problem. Additionally, you may want to check for any firmware updates or patches that could address this issue.
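As an added example (not part of either post above): the IPv4 fragment layout a `ping -l 10000` echo request produces at a given interface MTU, useful for knowing what to expect in a packet capture while troubleshooting. It assumes a 20-byte IPv4 header without options; the function and class names are hypothetical.

```python
from dataclasses import dataclass

IP_HEADER = 20    # assumption: IPv4 header without options
ICMP_HEADER = 8   # ICMP echo request header


@dataclass
class Fragment:
    index: int
    offset_bytes: int      # where this fragment's data sits in the original IP payload
    data_len: int          # bytes of IP payload carried by this fragment
    total_len: int         # IP header + data, must not exceed the MTU
    more_fragments: bool   # MF flag: set on every fragment except the last


def fragment_echo(icmp_payload: int, mtu: int) -> list:
    """Split one ICMP echo request into IPv4 fragments for the given MTU."""
    if mtu < IP_HEADER + 8:
        raise ValueError("MTU too small to carry any fragment data")
    ip_payload = icmp_payload + ICMP_HEADER
    # Every fragment except the last must carry a multiple of 8 bytes,
    # because the IPv4 fragment offset field counts in 8-byte units.
    per_frag = (mtu - IP_HEADER) // 8 * 8
    frags, offset = [], 0
    while offset < ip_payload:
        data_len = min(per_frag, ip_payload - offset)
        last = offset + data_len >= ip_payload
        frags.append(Fragment(len(frags), offset, data_len,
                              data_len + IP_HEADER, not last))
        offset += data_len
    return frags


def fragment_counts(icmp_payload: int, mtus) -> dict:
    """Number of fragments per MTU for the same echo payload size."""
    return {mtu: len(fragment_echo(icmp_payload, mtu)) for mtu in mtus}


if __name__ == "__main__":
    # 10000 is the -l value from the question; the MTUs are the ones discussed.
    for mtu in (1500, 1492, 1400):
        frags = fragment_echo(10000, mtu)
        print(f"MTU {mtu}: {len(frags)} fragments")
        for f in frags:
            print(f"  #{f.index} offset={f.offset_bytes} len={f.total_len} MF={int(f.more_fragments)}")
```

At each of these MTUs the echo request is still split into several fragments; only the count and the size of each fragment change.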