Hey guys. I am an FGT90G owner.
I have tested firmware 7.0.12, 7.0.13, 7.0.14, 7.0.15.
1. On all firmware there is a problem with Traffic Shaping Policies.
I have configured a few rules in Traffic Shaping Policies. The network works fine, but after a few hours, all traffic that matches these rules stops working. After that, I disable the rules in Traffic Shaping Policies and my network works again.
If I re-enable the rule in Traffic Shaping Policies, the network does not work.
In the logs I see errors - Session time out.
The problem is solved only after rebooting the FortiGate.
But on firmware 7.0.12, if you turn off the rules in Traffic Shaping Policies and turn on the shaper in Firewall Policies, the Network works without problems.
2. Second problem.
It is only present in versions 7.0.13, 7.0.14, 7.0.15.
I have 29 routers of Zyxel usg-20-vpn connected to FGT90G as Dial-Up IpSEC.
After rebooting the FGT90G or Zyxel, no access to the internal network of some Zyxel.
After entering the command "get router info routing-table all ", I see:
S 10.1.51.0/24 [15/0] via Vpn-Ike2-Tun_KT tunnel 10.0.0.22, [1/0]
[15/0] via Vpn-Ike2-Tun_NL tunnel 44.7.263.77
But PING to 10.1.51.0/24 doesn't work.
I enter the command: "diagnose vpn tunnel flush"
After that I can see the network 10.1.51.0
After entering the command "get router info routing-table all ", I see:
S 10.1.51.0/24 [15/0] via Vpn-Ike2-Tun_KT tunnel 44.7.263.77, [1/0]
This problem is not present on firmware 7.0.12.
Hi @d_konyayev,
For both issues, it will be useful to collect debug flow when the issue is happening. Please refer to this article: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-First-steps-to-troubleshoot-connecti...
Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1063 | |
889 | |
527 | |
441 | |
152 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.