I start a new topic while this problem is still not resolved and since the other topic about this same issue is not accurate anymore. This topic starts with a clear description of the issue including an overview of the situation.
This is the old topic (for reference; please do not refer to it anymore, to avoid confusion).
The network schematic:
If connected wireless to ssid "test99" all is fine. No issues and superfast.
If connected to "ssid" clients experience weird issues.
1. Roblox games do not (never) load, and give an error message.
2. Downloading apps/updates from Google Play Store is terribly slow ... 1%, 2%, 3%...
I deliberately do not (yet) include any config/capture (see also previous topic).
I never had any of these issues, for over ~7 years. It started after upgrading to 7.0.11. And if you read the old topic, 2 things constantly cross: software switch vs hardware switch, that issue is now gone. All is connected to 1 hardware switch and VLANs with bridged SSIDs.
The Netgear is configured to tag VLANs on the uplink and to the FAP. Furthermore, there are no (known) issues in the network other than this...
Please help out in finding if this could be a configuration issue or bug. Thank you!
I would recommend focusing on Roblox games first, since it is easier to troubleshoot than a performance issue. You may consider sniffing traffic on the client side and tracing traffic towards the Roblox game servers. In Wireshark it will be visible whether there is an issue with establishing TCP, TLS sessions or something else.
So there are dozens of attempted connections to Roblox server in the cap spanning only around 20 packets each. And every conversation/connection attempt looks pretty much the same. Some back and forth with the server and then a RST from the server after some unseen segments in the capture.
Where are you capturing from? Unseen segments could be seen if sniffing on the FortiGate unless you turn off NPU offload.
Can you try capturing again from a computer accessing Roblox?
Also, in looking at Roblox help documentation it states you need to have port forwarding enabled for it to work? Is that true? Do you have that configured?
Well most people running home networks are not using FortiGates. 99% of home networks will use UPnP to do port forwarding automatically. FortiGate of course being an enterprise firewall does not use UPnP.
Regarding the capture, OK, so please let's get a capture from an affected endpoint. That way we know we are seeing everything. Or, disable NPU offloading and capture again. It would be interesting to see a capture for failed Amazon app, Website loadings, etc. as well.
That's great, I understand that. I'm trying to help you here. I have no idea if you had a VIP set up for Roblox or not. So that's cleared up now. But you're focusing on stuff that doesn't help us troubleshoot your problem.
Please focus on the troubleshooting steps I'm requesting from you. Namely getting a new capture done....
I don't really see anything standing out in the captures. There's actually more data captured in the Roblox faulty cap file than the success one. I see RakNet packets as well, which means at least to me that it's progressing further than what is captured in the success capture.
Next steps: can we bypass the switch? Can you plug an endpoint directly into the FortiGate hardware switch (if you need to assign another physical port to it then please do) and then get that endpoint to join VLAN 10 by tagging its traffic appropriately.
Or alternatively plug the AP directly into one of the FortiGate hardware switch ports and see how wifi clients in VLAN 10 behave?
Also if you're willing please upload or securely share your full FGT config.