I am using a VM image of Fortigate version 7.2.7 that I downloaded from the Fortinet website.
I have the following problem: I configured VLANs on the firewall to control communication between VLANs. After one hour, the communication between two different devices via the firewall stops.
To resolve this, I need to format the firewall and restore the backup, which makes it work for another hour.
I am using EVE-NG version 6.2.0 and emulating Fortigate 7.2.7. I have tried other versions as well (EX: 7.0.0, 7.2.0), but the same error occurs.
Solved! Go to Solution.
Hello,
I would recommend to double check whether license is verified. Moreover, once the issue is reproduced you may consider to collect debug flow by running the commands below:
diagnose debug flow filter daddr <destination IP address>
diagnose debug flow show function-name enable
diagnose debug flow trace start 100
diagnose debug enable
Hello,
I would recommend to double check whether license is verified. Moreover, once the issue is reproduced you may consider to collect debug flow by running the commands below:
diagnose debug flow filter daddr <destination IP address>
diagnose debug flow show function-name enable
diagnose debug flow trace start 100
diagnose debug enable
Hello, I don't have a license because I'm using a version of Fortinet that I downloaded from their website, in the VM download section.
"Below is the debug."
FW-GCP # id=65308 trace_id=8 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1
. type=8, code=0, id=1242, seq=274."
id=65308 trace_id=8 func=init_ip_session_common line=6043 msg="allocate a new session-00000790, tun_id=0.0.0.0"
id=65308 trace_id=8 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=9 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8,
code=0, id=1242, seq=275."
id=65308 trace_id=9 func=init_ip_session_common line=6043 msg="allocate a new session-00000791, tun_id=0.0.0.0"
id=65308 trace_id=9 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=10 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=276."
id=65308 trace_id=10 func=init_ip_session_common line=6043 msg="allocate a new session-00000792, tun_id=0.0.0.0"
id=65308 trace_id=10 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=11 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=277."
id=65308 trace_id=11 func=init_ip_session_common line=6043 msg="allocate a new session-00000793, tun_id=0.0.0.0"
id=65308 trace_id=11 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=12 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=278."
id=65308 trace_id=12 func=init_ip_session_common line=6043 msg="allocate a new session-00000797, tun_id=0.0.0.0"
id=65308 trace_id=12 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=13 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=279."
id=65308 trace_id=13 func=init_ip_session_common line=6043 msg="allocate a new session-00000798, tun_id=0.0.0.0"
id=65308 trace_id=13 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=14 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=280."
id=65308 trace_id=14 func=init_ip_session_common line=6043 msg="allocate a new session-00000799, tun_id=0.0.0.0"
id=65308 trace_id=14 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=15 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=281."
id=65308 trace_id=15 func=init_ip_session_common line=6043 msg="allocate a new session-0000079b, tun_id=0.0.0.0"
id=65308 trace_id=15 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=16 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=282."
id=65308 trace_id=16 func=init_ip_session_common line=6043 msg="allocate a new session-0000079c, tun_id=0.0.0.0"
id=65308 trace_id=16 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=17 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=283."
id=65308 trace_id=17 func=init_ip_session_common line=6043 msg="allocate a new session-0000079e, tun_id=0.0.0.0"
id=65308 trace_id=17 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=18 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=284."
id=65308 trace_id=18 func=init_ip_session_common line=6043 msg="allocate a new session-0000079f, tun_id=0.0.0.0"
id=65308 trace_id=18 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=19 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=285."
id=65308 trace_id=19 func=init_ip_session_common line=6043 msg="allocate a new session-000007a0, tun_id=0.0.0.0"
id=65308 trace_id=19 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=20 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=286."
id=65308 trace_id=20 func=init_ip_session_common line=6043 msg="allocate a new session-000007a2, tun_id=0.0.0.0"
id=65308 trace_id=20 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=21 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=287."
id=65308 trace_id=21 func=init_ip_session_common line=6043 msg="allocate a new session-000007a3, tun_id=0.0.0.0"
id=65308 trace_id=21 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=22 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=288."
id=65308 trace_id=22 func=init_ip_session_common line=6043 msg="allocate a new session-000007a7, tun_id=0.0.0.0"
id=65308 trace_id=22 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=23 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=289."
id=65308 trace_id=23 func=init_ip_session_common line=6043 msg="allocate a new session-000007a8, tun_id=0.0.0.0"
id=65308 trace_id=23 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=24 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=290."
id=65308 trace_id=24 func=init_ip_session_common line=6043 msg="allocate a new session-000007a9, tun_id=0.0.0.0"
id=65308 trace_id=24 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=25 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=291."
id=65308 trace_id=25 func=init_ip_session_common line=6043 msg="allocate a new session-000007ab, tun_id=0.0.0.0"
id=65308 trace_id=25 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=26 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=292."
id=65308 trace_id=26 func=init_ip_session_common line=6043 msg="allocate a new session-000007ac, tun_id=0.0.0.0"
id=65308 trace_id=26 func=__vf_ip_route_input_rcu line=2001 msg="find a route: flag=00000000 gw-172.0.0.254 via port2"
id=65308 trace_id=27 func=print_pkt_detail line=5857 msg="vd-root:0 received a packet(proto=1, 10.206.127.200:1242->172.26.0.200:2048) tun_id=0.0.0.0 from port1. type=8
, code=0, id=1242, seq=293."
Thank you for your help and sorry for the delay.
Here is the solution for people who are looking for something related to L3 on the Fortigate firewall that stops working.
The problem really lies with the license. When I download the VM directly from the Fortinet website, it shows a valid license status."
When the L3 of the Fortigate stops working, the license becomes invalid, causing the error.
My solution was to get an image from a site that remains valid for 15 days
Based on your description it seems like the hypervisor/emulator stops processing the tagged traffic. In my experience this happens often for all type of emulators and maybe just by disconnecting and connecting the port/connection, will make it work again.
Hello, I am using the VMware version 12 to emulate EVE-NG. In my case, my hypervisorlaunchtype is set to Off because if I activate it, VMware gives the error below when it tries to execute the images or even EVE-NG.
Hypervisor off
When I activate the hypervisor my vm have a error
That's why I leave it off. Do you think this problem with Fortigate could be because of this? Do you have any other ideas?
Thank you
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.