Good day All,
I started experiencing an issue in office after upgrading the FortiAP 431G firmware from 7.2.1 build 4789 to 7.4.2 build 0634. We have servers hosted in AWS. To reach these servers we need to connect via VPN. We have intermittent drops to AWS but the VPN does not disconnect, then we are unable to access the servers in AWS. Even when reconnecting the VPN connection the issue still persists. This only happens on certain access points and after rebooting the access point then the issue is resolved for a few hours.
We checked our DNS in office and in AWS, no issues there.
This however does not happen when a user is connected via LAN, it only happens when a user is connected on WiFi.
Please help.
Hello Tauriq,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
You need to check the traffic debugs on the FortiGate
diag debug flow filter addr <dest ip address>
diag debug flow filter port <dst port number> --- this line is optional
diag debug flow show function-name en
diag debug flow trace start 100
diag debug enable
On a second CLI, run VPN traffic debugs. If it is an SSL VPN, then execute the following commands:
diag vpn ssl debug-filter src-addr4 <public IP of the forticlient endpoint>
diag debug app sslvpn -1
diag debug enable
For IPsec:
diag vpn ike log-filter dst-addr <remote gateway ip>
diag debug app ike -1
diag debug enable
Also check the WiFi event logs.
Hi @amrit, the issue with debugging is that this is an intermittent issue and happens at different times during the day to different access points; we have 12 listed in our workspace.
We will have a look at when the issue happens and provide feedback ASAP.
It sounds like your WiFi issues with AWS might be from the firmware update on your FortiAP 431G. Since it only happens with some access points and you can fix it by rebooting them, you should think about going back to the old firmware or messing with the settings to see if that helps.
Also, check your network setup to keep everything running smoothly. AWS can be pricey, but you can save some cash by snagging AWS discounts; you can get up to 3% off. So, while you’re figuring out the network stuff, look for those discounts to help with costs.