I recently have uninstalled forticlient from an imaged machine, in an unrelated matter, and in putting the client back on the machine, I simply used the offline installer. after registering and firing this up, I notice aan IGMPv2 storm across my student vlan where the machine is connected to. when I turn forticlient off or disconnect the laptop I have just connected this stops. I'm wondering if anyone can shed some light on this?
thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
What group was it being sent at and are you 100% sure it's the client? Don't know how vpnclient would use igmp much less send to a igmp group.
Was the host inspected?
PCNSE
NSE
StrongSwan
when I connect the forticlient the storm starts....when I disconnect or unregister the client it stops...im seeing it via wireshark, so that would tell me that it would have something to do with forticlient. just an educated guess....
It may be helpful to try https://www.dropbox.com/sh/cb0j4pxw1f8nq84/AABHzZW1bpx1VjzYAmiK00S9a?dl=0
If it works, then the cause was application firewall.
I can confirm this. We rolled out forticlient 5.4.0 on 30 clients and a IGMP storm brought most of the low-bandwith devices (100mbit voip phones, clients via wifi, printers...) in the network to a standstill.
Very frustrating two days of troubleshooting.
I'd really like to know the root cause of this...
thank you for the confirmation! when I used an image I created it seems to be ok...this just happened with a fresh install of the client.
Hi - we've seen a similar issue with 5.2.5 - again, our issue manifested itself after a 30 user (trial) roll out. The application firewall is configured.
The issue was only triggered by people turning off/on printers. Now, I know we have a very old (and badly structured) network, but this was just crazy.
Hi - what version of the client were you using? We've seen a similar issue (on a corporate network) with version 5.2.5.0658.
This forum entry https://forum.fortinet.com/tm.aspx?m=131412 appears to indicate this is an issue with the application firewall element of the client.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1641 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.