Hi, I'm new to the forums so I bid you all a good hello first and foremost.
I'm currently seeing an issue due to the aggressive nature in which our 100D ha cluster is reusing source nat ports for address translation.
This is causing an issue with one of our web services, where by the source port is reused too quickly and causes the session data to be dropped. I believe the issue is caused by the server we are connecting to having TIME_WAIT configured for a 2 minute interval and our fortinet reusing the source port after a few seconds.
Would creating a policy to increase the time to live session timer help in this instance ? I'm just concerned by increasing the amount of time sessions are able to sit within the firewall's memory this will potentially have a negative effect on the performance even if it does rectify our issue.
We had a Cisco ASA HA setup previously which we never encountered this issue, it seems its related to the way fortios applies port address translation
Any suggestions would be appreciated.