Hi All,
Is there a way to check or determine in the Fortigate firewall if the difference in bandwidth of MPLS site (our site has 20Mbps and our client has 2Mbps only) will result in slow in traffic?
We and our client have both 2 ISPs for redundancy, but the client's other ISP is much slower, so they prefer to connect using the other. When our main ISP was down, we swung to the other resulting in much slower traffic. But our client checked their current bandwidth and said that they were only using 60% of the traffic and insisted to check where the bottleneck was. I'm trying to figure out how to check and present to the client that the issue is their bandwidth unfortunately, when I check the bandwidth monitor in Dashboard, I can only see the grouped MPLS tunnels of ISP1 (interface 1) and ISP (interface 2) with Hardware Switch as type. There is no option to check the separate interface. Even the VPN Event logs don't help that much.
Is there a way to check this?
Thank you in advance.
Oliver
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
You may also try to make Fortigate as IPerf Server and the other Fortigate to be Iperf client to check the maximum bandwidth between the site.
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Configure-FortiGate-as-speed-test-ip...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-perform-a-traffic-test-on-a-FortiGa...
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/142043/hub-and-spoke-speed-t...
But to be honest, that 2Mbps bandwidth is too low for a WAN connection
Created on 08-15-2024 07:00 AM Edited on 08-15-2024 07:01 AM
Hi @olivern4
The Fortigate Speed Server does not require PPPOE connection. You can use it on any WAN as long as you have public IP address.
You can also use it on IPSEC interface.
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/142043/hub-and-spoke-speed-t...
Hello,
You can perform iperf test, one machine behind Fortigate can act as server and one machine on the Client's side can act as client, and you can perform this vice versa changing the client and server role and check the bandwidth on both the sides
Hi @SonaMuvv
Thank you for the response.
That's actually one of the things we thought before, but, unfortunately, we don't have access to the client's server. Is there any other way?
Oliver
You may also try to make Fortigate as IPerf Server and the other Fortigate to be Iperf client to check the maximum bandwidth between the site.
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Configure-FortiGate-as-speed-test-ip...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-perform-a-traffic-test-on-a-FortiGa...
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/142043/hub-and-spoke-speed-t...
But to be honest, that 2Mbps bandwidth is too low for a WAN connection
Created on 08-15-2024 03:26 AM Edited on 08-15-2024 03:55 AM
Hi @adimailig
Thank you for the response.
Unfortunately, the procedure is not suitable for us because we are not using PPPOE, not even the client. It's really frustrating.
Oliver
Created on 08-15-2024 07:00 AM Edited on 08-15-2024 07:01 AM
Hi @olivern4
The Fortigate Speed Server does not require PPPOE connection. You can use it on any WAN as long as you have public IP address.
You can also use it on IPSEC interface.
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/142043/hub-and-spoke-speed-t...
Hi All,
Thank you to all who responded to my concern.
I forgot to mention that we have a lower version of FG100D.
#config-version=FG100D-6.2.14-FW-build1364-230411:opmode=0:vdom=0:user=oliver
#conf_file_ver=643935856896248
#buildno=1364
#global_vdom=1
That's why the procedures given are not applicable to us.
My superior just made an RCA based on the bandwidth that our client has. We all know that having 2Mbps for MPLS connections is too low. I will go ahead and close this thread for now.
Again, thank you to all of you.
Oliver
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1690 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.