Hello,
I have a FG1500D bundle configured for a University.
Almost entire traffic of University and also the campus is passing through it.
Routing and policies are working correctly, but I had an issue and maybe you can help me in debugging it.
So, after few days of normal traffic, suddenly connection to some Google servers was blocked and I saw lots of "Failed connection attempts" messages.
Other sites and traffic was working just fine, only the connection to those servers was blocked. Actualy Google wasn't working.
The security profiles for the traffic contains AV in monitoring mode, IPS sensor with all signatures and default action. Nothing special in the rest.
In attach some images with Failed Connection Attempts messages.
I disabled the security profiles - the problem was still there.
I rebooted the equipment, the connection was still blocked for about half an hour.
After half an hour, the connection to Google was working but it was resolving in a different class of IPs.
Next day, Google was working again, and it was again resolving in the previous IPs, when the problem appeared.
The idea is that the traffic was blocked for all users behind the FortiGate. For other users in the network, which do not pass traffic through FortiGate, the problem never appeared.
Any thoughts?
No one? No idea?
Hello Bobby Yo
I am detecting the same issue here with an FG200D (v5.6.4 build1575 (GA)). Did you find the cause of the erros? What solution?
thanks,
Hi,
The message is quite often a "false positive" and can be disabled (Off) under Log & Report > Threat Weight > Packet Based Inspection > Failed Connection Attempts.
This may appear due to wrong DNS query or IP host not reachable.
Thanks,
Deepak Kumar
I had the same issue with my Fortigate FTG61, but the problem disapired after a few of days, I did not do anything.
But yesterday, another one FTG60 has the same problem, and I try all what you mentioned without success till yet. :(
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.