we have fortigate 1500D Series with HA configuration (active standby), currently port31 used by our company as uplink to ISP for 1Gbps connection link. The problem is sometimes that port become unreachable and down for several seconds from the event log it show like this :
and then we checked hardware port from cli, there is error like this :
As I have understood, you are observing port31 is flapping.
Could you check the duplex/speed settings on both sides of the interface connection? (port31 and peer device interface). Also, try to change the patch cable between them and observed afterward.
CRC errors seeing FortiGate don't imply that the firewall is causing the issue, it indicates that the firewall is failing to match the FCS value with the packets received. FCS (Frame Check Sequence) field contains a 4-byte CRC value used for error checking. When a source host assembles a packet, it performs a CRC calculation on all fields in the packet except the Preamble, SFD (Start Frame Delimiter), and FCS using a predetermined algorithm. The source host stores the value in the FCS field and transmits it as part of the packet. When the packet is received by the destination host, it performs a CRC test again by using the same algorithm. If the CRC value calculated at the destination host does not match the value in the FCS field, the destination host discards the packet, considering this as a CRC Error.
Could you check what is the destination you are trying to reach in the performance SLA where you called the interface port31. Once you double click on the log you should be able to see the performance SLA which is actually bringing the interface down.
Could you please check:
+ what is the destination you have defined in the performance SLA
+ what is the protocol you are using in the performance SLA
+ If it is HTTP, could you try with ICMP and also try to change the destination for any other public IP
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.