1. I have two 300E firewalls in HA active-passive mode.
2. I have VLANs configured on 2 separate redundant ports on the firewall.
3. The VLANs communicate with each other through firewall policies.
4. My network is working at layer 2, and the gateway for all the VLANs is the firewall for the network.
5. My problem is that I have a fingerprint device on one VLAN and a fingerprint server on another VLAN, and they communicate with each other through the firewall. When I connect the fingerprint device to the server, after 1 hour the synchronization stops between the device and the server, and no updates appear for any check-in or check-out on the server. I must disconnect and reconnect the fingerprint device from the server to see the new check-ins or check-outs, and 1 hour after reconnecting the problem happens again.
6. I have an application on a local server on one VLAN, and the client that works with this application is on another VLAN. After 2 hours of communication between the client and the server, the application freezes on the client side, and I must restart the application to restore it to normal mode. After 2 hours the problem happens again.

Note: In all the cases above, when the problem happens, network connectivity is working normally, with 1 ms ping between the client side and the server side.

Sounds like a session timeout issue. Try changing the session TTL of the firewall policy you have configured to allow traffic between the two VLANs:

    config firewall policy
        edit 1
            set name "test"
            set uuid 2586cfe6-8777-51ed-7baa-a6ac55525c14
            set srcintf "vlan10"
            set dstintf "vlan20"
            set srcaddr "all"
            set dstaddr "all"
            set action accept
            set schedule "always"
            set service "ALL"
            set session-ttl 86400
            set nat enable
        next
    end
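
A narrower variant of the change suggested above, as an added example that is not part of the original thread: the long TTL is attached to a custom service for the one long-lived flow, so other inter-VLAN sessions keep the default idle timeout and the session table is not filled with day-long entries. The service name, TCP port 5005, policy ID 2 and policy name are constructed placeholders; the interface names are taken from the reply.

```text
# Show the global idle timeout currently in effect
get system session-ttl

# Custom service for the device-to-server flow (port is a placeholder)
config firewall service custom
    edit "FP-SYNC"
        set tcp-portrange 5005
        set session-ttl 86400
    next
end

# Dedicated policy for that service only, placed above the broad policy
config firewall policy
    edit 2
        set name "fp-sync-long-ttl"
        set srcintf "vlan10"
        set dstintf "vlan20"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "FP-SYNC"
    next
    move 2 before 1
end

# Verify: list sessions for the placeholder port and read the
# timeout= and expire= fields of the matching entry
diagnose sys session filter clear
diagnose sys session filter dport 5005
diagnose sys session list
```

If `timeout=` on the listed session still shows the global default after the change, the session predates the new setting; reconnect the device so a new session is created and check again.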