I have purchased a Fortigate 40F that I have put at a small office.
I want to send syslogs to a Syslog Server with TCP. I managed to send syslog using UDP protocol, however when I switch to TCP protocol it stops working (with no error message).
The setup:
Config for syslogd settings:
config log syslogd setting
    set status enable
    set server "81.164.196.77"
    set mode reliable
    set facility syslog
end
Google Cloud Platform compute engine:
I have created a compute engine VM instance with Ubuntu 24.04.
I have tagged the compute engine with network tag "collector".
Google Cloud Platform firewall:
I have created a Firewall rule named "collector-allow-ingest" with
This rule applies to the compute engine "collector".
Log receiving software at Compute Engine Instance
The compute engine runs LimaCharlie Adapter (https://downloads.limacharlie.io/adapter/linux/64) to receive syslog.
I start it with the following:
chmod +x ./lc_adapter
./lc_adapter syslog client_options.identity.installation_key=a-b-c-d-e client_options.identity.oid=f-g-h-i-j client_options.platform=text client_options.hostname=fortigate-40f client_options.sensor_seed_key=fortigate-40f port=514 iface=0.0.00 is_udp=false
Please help me debug this issue
I am a bit lost on how to debug this issue. Especially since it works with UDP. I have the same setup for a Palo Alto PA-440 firewall, and that works fine with TCP.
There are two ways of doing Syslog over TCP - RFC 3195 and RFC 6587, do you know which one your Syslog server expects?
More info + how to switch between the two:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-change-port-and-protocol-for-Syslog...
The method is reliable (normal TCP).
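RFC 6587, mentioned in the reply above, itself defines two framings for syslog over TCP: octet counting (`<length> <message>`) and non-transparent framing (messages terminated by a newline). The following is an added example, not part of the original thread and not Fortinet or LimaCharlie code, that classifies a received TCP byte stream and splits it into messages; it does not cover RFC 3195. The sample payloads and all function names are constructed for illustration.

```python
import re

# Constructed sample payloads (not captured from a real FortiGate).
MSG1 = b'<189>date=2025-01-01 time=10:00:00 devname="fortigate-40f" type="event"'
MSG2 = b'<190>date=2025-01-01 time=10:00:01 devname="fortigate-40f" type="traffic"'
OCTET_STREAM = b"%d %s%d %s" % (len(MSG1), MSG1, len(MSG2), MSG2)
NEWLINE_STREAM = MSG1 + b"\n" + MSG2 + b"\n"

_OCTET_HDR = re.compile(rb"([1-9][0-9]{0,8}) ")  # MSG-LEN followed by one space

def detect_framing(buf):
    """Guess the RFC 6587 framing from the first bytes of a TCP stream."""
    if _OCTET_HDR.match(buf):
        return "octet-counting"
    if buf.startswith(b"<"):          # syslog PRI with no length prefix
        return "non-transparent"
    return "unknown"

def split_frames(buf):
    """Return (complete_messages, leftover_bytes) for either framing."""
    framing = detect_framing(buf)
    if framing == "octet-counting":
        msgs, pos = [], 0
        while True:
            m = _OCTET_HDR.match(buf, pos)
            if not m:
                break
            end = m.end() + int(m.group(1))
            if end > len(buf):        # partial frame: wait for more bytes
                break
            msgs.append(buf[m.end():end])
            pos = end
        return msgs, buf[pos:]
    if framing == "non-transparent":
        *msgs, leftover = buf.split(b"\n")
        return msgs, leftover
    return [], buf

def line_receiver(buf):
    """A receiver that only understands newline-terminated messages."""
    return buf.split(b"\n")[:-1]

if __name__ == "__main__":
    for name, stream in (("octet", OCTET_STREAM), ("newline", NEWLINE_STREAM)):
        print(name, detect_framing(stream), len(split_frames(stream)[0]),
              "line receiver sees", len(line_receiver(stream)))
```

Running this against the first bytes of a packet capture taken on the collector shows which framing the sender uses; a newline-only receiver fed octet-counted data never sees a complete line, which is one way a framing mismatch can look like silent loss.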