Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
viniciusm
New Contributor

Fortigate HA Pair Syslog TCP TLS - Main node lose connection

Hello Everyone,

 

I'm having issues to receive logs from one of the Fortigate pair (the main one FTG01) via TCP TLS. I'm using a filebeat TCP input to receive these logs.

 

For some reason the FTG01 lose the connection with this input and it doesn't able to connect again, I only be able to receive the logs from the other FTG02, that doesn't lose the connection.

 

The logs only return after changing the syslog forwarding configuration, e.g. change the destination port to another and return it back.

 

Anyone had this issue before? Any ideas why it happening? Using TCPDUMP/Netstat , I only be able to see 1 single connection to my VM (which is the FTG02), I can't see attempts or failed connections.

 

Thanks

1 REPLY 1
gfleming
Staff
Staff

Is this active/passive configuration? Does it make a difference if FGT01 is master or slave?

Cheers,
Graham
Labels
Top Kudoed Authors