Hello.
I'm managing a Fortigate 40F v 7.0.11 and I'm getting in System Events logs many line reporting that my lan interface is going down and up with log id = 0100020099.
When Fortigate logs those lines I can see my ping tests to 8.8.8.8 failing and usually I get customers complaining about a no stable internet.
The main problem is that it's not constant. I'm getting this behavior a lot of time during a day.
I'm using SD-WAN in lan3 and "a" ports (I just disabled tha Wan port because I have an disabled link in this port) but even when I had Wan port available I was getting the same error but less often.
I really don't know what is causing this behavior.. could it be cable or a faulty port in my switch?
I'm almost loosing my customer because of this weird behavior.
Appreciate any help.
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi
Try the following:
OK. Yesterday I changed the cable and changed the switch port. Everything looks good so far but I didn't have the time to change the FG lan port yet because it's a device in production but I'll do that if necessary.
Thanks.
Happy to hear it.
If it's fixed then you don't need to change FG port.
NOTE: Some modems, ComCast for example, are known to drop the network connection or reboot if they receive non-DNS traffic on UDP port 53 which is well known DNS port, but which is also used to connect to the FortiGuard service.
It is not necessary that the Link Monitor feature is configured, this log message will appear in logs each time the physical link is lost.
This cause can be confirmed by connecting a switch between the FortiGate and a modem.
If the switch has logging functionality then the interface facing the FortiGate will be stable while the interface connected to a modem will be flapping.
The workaround is to use port 8888 for FortiGuard. This can be changed from GUI or CLI.
Please refer to the below document for more information:
If you have found a solution, please like and accept it to make it easily accessible to others.
Aman
Created on 10-17-2024 05:09 AM Edited on 10-17-2024 05:09 AM
I found this document during my research. I don't think this would be the problem because I disabled all the filtering related services for debuging and it's configured for HTTPS/443 port and the problem was still going on.
Anyway, it's also very weird and unsafe that FG would run a service in any reserved ports like 53. :)
Thank you for your help.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1662 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.