Dear Team,
I am facing a strange issue with my IPSec tunnel interface.
When i am trying to add that tunnel in bandwidth monitor it shows that maximum interface bandwidth reached.
But when i see the widget it shows that the bandwidth monitor for this interface is disabled.
I have tried enabling bandwidth monitor for that VPN interface, when i do so it shows maximum interface bandwidth reached.
Please assist me in this.
Thanks
Shailesh
Solved! Go to Solution.
As per the below article, the maximum number of interfaces to monitor are 25. Are you hitting this limit? Can you remove any other interface and check.
running the same debug suggested in above article will be helpful.
Verify if the maximum limit has been reached by running a debug:
##diag debug app forticron
#diag debug enable
<----- Add new interface widget.
Output will be:
Admin table has changed, updating interfaces for traffic history.
update_tr_history_intfs()-253: Maximum # of monitored interfaces reached. Failed to track new interface.
Please remember to disable the debug using "diag debug disable"
As per the below article, the maximum number of interfaces to monitor are 25. Are you hitting this limit? Can you remove any other interface and check.
running the same debug suggested in above article will be helpful.
Verify if the maximum limit has been reached by running a debug:
##diag debug app forticron
#diag debug enable
<----- Add new interface widget.
Output will be:
Admin table has changed, updating interfaces for traffic history.
update_tr_history_intfs()-253: Maximum # of monitored interfaces reached. Failed to track new interface.
Please remember to disable the debug using "diag debug disable"
Hello Suraj,
I can confirm that i am not hitting the 25 limit.
Also when I try to remove an existing bandwidth monitor and add that particular IPSec tunnel it still says the same thing, but when i add and interface monitor of other interface i can do so successfully.
Reagrds
Shailesh
Hello Shailesh,
Can you collect the debug as suggested in the article, it may give us some clue.
#diag debug app forticron
#diag debug enable
Add the widget and then disable the debug and share the output
Thanks,
Suraj
Hello Suraj,
I have resolved my issue. After I ran multiple tests on my R&D device I learnt that when fortinet meant MAX 25 BW monitoring interface they meant 25 shared amongst all the administrators, Initially I had mistaken it for 25 per administrator. So I removed the BW monitor interfaces from other administrators and it worked.
Thanks for the solutions.
Reagards
Shailesh
Glad to hear that. Thanks for sharing the details.
Hi,
Would you mind sharing how you managed to do that? I would assume in the cli somehow. I just can't find the config.
Perhaps I'm not looking hard enough, but this will be a great help.
Regards
Created on 01-11-2023 09:00 PM Edited on 01-12-2023 12:20 AM
Hello Dezso,
So how this works is suppose Admin 1 has port1 to port25 interfaces in his/her dashboard monitored and now if Admin 1 wants to add another interface lets say port26 they will not be able to do so. Now if there is another Admin 2, he/she is allowed to add the interfaces that Admin1 already has i.e. from port1 to port25 but will not be allowed to monitor port26 same case as for Admin 1. Now if Admin 2 or Admin 1 wants to monitor port26 then both Admin 1 and Admin 2 must remove any 1 already monitoring interface (lets say port 25) then only will both the admin 1&2 be allowed to monitor port26.
Reagards
Shailesh
Thanks very much, that is most insightful :)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.