Yesterday i installed a brand new Fortigate 60F. After researching the specs on it, i wanted a firewall that would be able to give me some security (I dont need the AV and all that), easy port forwarding (which it did), and able to give me the full Pipe of the Gigabit FiOS i have at home. I have had 3 firewalls i have massed with in the past week.
My original Netgear SRX5308 (No Security Features outside SPI and Flood protections), would get around 850 down, 800 up.. Firewall rated at 920 Meg per second. I then figured it was getting old (10 or so years) and i got a Zytel VPN 100. To my dismay, it gave me barely 500/500 as it apparently is either underpowered or has profile issues.. So i went Fortigate, as its well known, and after looking at all the specs of the models the 60F seemed to fit me perfectly.
24 hours later, my download speed is VERY good, No issues at all. My upload speed tho, I can not get over 300-400meg to a speedtest site that here in my office (same ISP, same Speed, only difference is here we have a Firebox m400), is getting 800 Meg too.
Now let me preface this a tad. I have disabled and or deleted every single profile rule i can find in the Fortigate to try to get this humming. It helped the download tremendously when i did this, but nothing seems to be helping the upload. I came across this article about "TCP Sawtoothing" on uploads, and i tried to follow it putting the commands in the console, didn't get any errors or anything but it hasn't helped.
https://kb.fortinet.com/kb/documentLink.do?externalID=FD48069
So now im kinda feeling like i want to do a hard reset on the fortigate again, and start over cause lord knows whats going on in it. Its working fine, im not having any drops or anything. Now i also tried that command line type speed test, but jesus its goofy and i only got it to work once, to a server in like Finland... which is useless to me in NY. I have also seen a myrad of posts here with the same kind of issue across a bunch of models. I also btw turned off all logging.
So without the fortigate, straight to machine i get 900/900 basically. With the fortifate im getting 900/400. What should i do? I really don't want to dump this thing for a FOURTH firewall, or go back to the netgear (good spare)..
Thanks
PS - I am running the latest 7.0 Firmware.
Like to Update, looks like my issue is resolved. When i was at work messing with it remotely, i deleted the main outgoing firewall profile (figured what the hell, i was going to reset it anyway).. So i came home, Reset my ONT, Did a full reset of the fortinet back to default, i then went into each security profile and manually turned them all off. Now im getting Uploads near or at 900 Meg, Full capacity. Good to Go.
SuBDivisions wrote:i deleted the main outgoing firewall profile (figured what the hell, i was going to reset it anyway)
Could you elaborate on what you mean when you say this? I'm running into very similar problems and curious to try whatever you did.
We did find a bug related to this issue. the bug no. to quote if you need more information when engaging TAC support would be 815692. The fix is scheduled for 7.0.7 and 7.2.2.
This is correct, I was the one that worked with TAC for many months to get to the bottom of this problem. I'm told it will be fixed in 6.4.12 also.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.