Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MikeyMike
New Contributor

Created on ‎11-27-2014 10:21 AM

No VPN Charts/Datasets work after Firmware Update

Upgraded firmware on the Analyzer to 5.0.8 and now when I try running the built in VPN Report, none of the charts return any information.  Says "No Data".

 

Any ideas?

MK
MK
6064
0 Kudos
3 Solutions
hzhao_FTNT
Staff
Staff
In response to MikeyMike

Created on ‎11-27-2014 11:23 AM

Hi,

 

In order to get more accurate results, in new VPN report, we used action='tunnel-stats' instead of tunnel-up/tunnel-down to get vpn info. However FGTs do not send tunnel-stats info by default, we have to configure FGTs by: config system settings set vpn-stats-log ipsec ssl set vpn-stats-period 300 end Most of empty VPN report issue should be fixed after above commands executed on fortigates.   Regards, hz

View solution in original post

3490
0 Kudos
scao_FTNT
Staff
Staff

Created on ‎11-27-2014 11:47 AM

Hi, Mikey, what is your report run period? if for last 7 days, then it will not check for today's log.

 

thanks

 

Simon

View solution in original post

3511
0 Kudos
hzhao_FTNT
Staff
Staff
In response to MikeyMike

Created on ‎11-27-2014 11:50 AM

Hi Mike,

 

Tunnel-stat log will be sent every 5min, please wait a bit and see. By the way, I recommend you check log first:

FortiView-> LogView->Event->VPN, input action=tunnel-stats and search

If you see logs there, you will be able to get data from VPN report.

 

Regards,

hz

View solution in original post

Preview file
177 KB
3511
0 Kudos
9 REPLIES 9
MikeyMike
New Contributor

Created on ‎11-27-2014 11:20 AM

My other reports seem to be just fine.  Just vpn doesn't return any data.  Fortigate is running 5.0.7

MK
MK
3462
0 Kudos
hzhao_FTNT
Staff
Staff
In response to MikeyMike

Created on ‎11-27-2014 11:23 AM

Hi,

 

In order to get more accurate results, in new VPN report, we used action='tunnel-stats' instead of tunnel-up/tunnel-down to get vpn info. However FGTs do not send tunnel-stats info by default, we have to configure FGTs by: config system settings set vpn-stats-log ipsec ssl set vpn-stats-period 300 end Most of empty VPN report issue should be fixed after above commands executed on fortigates.   Regards, hz

3491
0 Kudos
MikeyMike
New Contributor
In response to hzhao_FTNT

Created on ‎11-27-2014 11:37 AM

Hi Hz,

Made the change on my fortigate but still No Data from the Datasets.  Is there anything else I can do or should I just wait a bit?

 

Thanks so much for your help!

 

--

Mike

 

 

 

hzhao_FTNT wrote:

Hi,

 

In order to get more accurate results, in new VPN report, we used action='tunnel-stats' instead of tunnel-up/tunnel-down to get vpn info. However FGTs do not send tunnel-stats info by default, we have to configure FGTs by: config system settings set vpn-stats-log ipsec ssl set vpn-stats-period 300 end Most of empty VPN report issue should be fixed after above commands executed on fortigates. Regards, hz

MK
MK
3462
0 Kudos
hzhao_FTNT
Staff
Staff
In response to MikeyMike

Created on ‎11-27-2014 11:50 AM

Hi Mike,

 

Tunnel-stat log will be sent every 5min, please wait a bit and see. By the way, I recommend you check log first:

FortiView-> LogView->Event->VPN, input action=tunnel-stats and search

If you see logs there, you will be able to get data from VPN report.

 

Regards,

hz

Preview file
177 KB
3512
0 Kudos
MikeyMike
New Contributor
In response to hzhao_FTNT

Created on ‎11-27-2014 11:54 AM

Hi HZ,

I see logs there now and when I run the dataset with the time period of today, I see data.  Thanks for your help!  My last question would be, would it not be possible to see any data past today?  Or will I only see data going forward from today?

 

--

Mike

 

hzhao_FTNT wrote:

Hi Mike,

 

Tunnel-stat log will be sent every 5min, please wait a bit and see. By the way, I recommend you check log first:

FortiView-> LogView->Event->VPN, input action=tunnel-stats and search

If you see logs there, you will be able to get data from VPN report.

 

Regards,

hz

MK
MK
3462
0 Kudos
hzhao_FTNT
Staff
Staff
In response to MikeyMike

Created on ‎11-27-2014 12:01 PM

Hi Mike, 

 

You will not able to see old data by predefined dataset/chart/report. If report from previous data is very important to you, you have to customize dataset/chart/report. Anyway, your report should be fine from today.

 

hz

3462
0 Kudos
MikeyMike
New Contributor
In response to hzhao_FTNT

Created on ‎11-27-2014 12:02 PM

That's what I thought :(

 

Thanks a million HZ!

 

hzhao_FTNT wrote:

Hi Mike, 

 

You will not able to see old data by predefined dataset/chart/report. If report from previous data is very important to you, you have to customize dataset/chart/report. Anyway, your report should be fine from today.

 

hz

MK
MK
3462
0 Kudos
scao_FTNT
Staff
Staff

Created on ‎11-27-2014 11:47 AM

Hi, Mikey, what is your report run period? if for last 7 days, then it will not check for today's log.

 

thanks

 

Simon

3512
0 Kudos
scao_FTNT
Staff
Staff

Created on ‎11-27-2014 12:05 PM

actually we are working on a fix for next patch release (5.2.1) to let VPN report still work for old VPN log (which does not have below CLI enabled)

 

config system settings set vpn-stats-log ipsec ssl set vpn-stats-period 300 end

 

Thanks

 

simon

3462
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.