cannot access FG 50E through LAN ports

yahyaflaifel · ‎05-18-2023

LAN ports became very slow, the browser return "unresponsive page" error. the GUI can be accessed through WAN port and console normally.

LAN ports throughput is not exceeding 2Mbps!

adambomb1219 · ‎05-18-2023

Memory usage? Does console work? What about SSH?

yahyaflaifel · ‎05-19-2023

Console is working, I performed factory reset through console and I can configure the device.

also I can access the device through WAN port, the problem is accessing it through LAN ports.

SSH trough LAN ports is working
FortiGate-50E # get hardware memory
MemTotal: 2072580 kB
MemFree: 1562592 kB
Buffers: 0 kB
Cached: 162608 kB
SwapCached: 0 kB
Active: 159128 kB
Inactive: 114828 kB
Active(anon): 158076 kB
Inactive(anon): 94720 kB
Active(file): 1052 kB
Inactive(file): 20108 kB
Unevictable: 0 kB
Mlocked: 0 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 0 kB
Writeback: 0 kB
AnonPages: 111352 kB
Mapped: 34500 kB
Shmem: 141448 kB
Slab: 145352 kB
SReclaimable: 1936 kB
SUnreclaim: 143416 kB
KernelStack: 864 kB
PageTables: 10316 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
WritebackTmp: 0 kB
CommitLimit: 1036288 kB
Committed_AS: 4128408 kB
VmallocTotal: 499712 kB
VmallocUsed: 75596 kB
VmallocChunk: 422364 kB

FortiGate-50E #

kaman · ‎05-19-2023

can you please verify if there are any drops or errors on the port and please check and share the interface speed and duplex settings with the below commands:

diagnose netlink interface list <interface name>

fnsysctl ifconfig <interface name>

Regards,
Aman

yahyaflaifel · ‎05-19-2023

FortiGate-50E # diagnose netlink interface list lan5

if=lan5 family=00 type=1 index=10 mtu=1500 link=0 master=0
ref=14 state=start present fw_flags=0 flags=up broadcast run multicast
Qdisc=pfifo_fast hw_addr=90:6c:ac:55:95:09 broadcast_addr=ff:ff:ff:ff:ff:ff
stat: rxp=782 txp=273 rxb=322562 txb=321206 rxe=0 txe=0 rxd=0 txd=0 mc=0 collision=0
re: rxl=0 rxo=0 rxc=0 rxf=0 rxfi=0 rxm=0
te: txa=0 txc=0 txfi=0 txh=0 txw=0
misc rxc=0 txc=0
input_type=0 state=3 arp_entry=0 refcnt=14

FortiGate-50E # get hardware nic lan5
Description Marvell MUX Gigabit Ethernet driver
System_Device_Name lan5
Admin :up
Current_HWaddr 90:6c:ac:55:95:09
Permanent_HWaddr 90:6c:ac:55:95:09
Link up

Phy Status up
Speed 1000
Duplex full
Rx_Packets 3447
Tx_Packets 2807
Rx_Bytes 847737
Tx_Bytes 3274915

FortiGate-50E #

rmreddy · ‎05-19-2023

May I know whether the test is done by directly connecting to lan interface
Provide the below log
diagnose netlink interface list <interface name>
Also provide the iperf test by connecting directly to lan interface by following the below link
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Use-cases-for-diagnose-traffictest-command...

yahyaflaifel · ‎05-19-2023

I connected the PC directly to one of the LAN port, I performed factory reset using console, but LAN ports still not working properly.

Test Results:

FortiGate-50E # diagnose netlink interface list lan5

if=lan5 family=00 type=1 index=10 mtu=1500 link=0 master=0
ref=14 state=start present fw_flags=0 flags=up broadcast run multicast
Qdisc=pfifo_fast hw_addr=90:6c:ac:55:95:09 broadcast_addr=ff:ff:ff:ff:ff:ff
stat: rxp=782 txp=273 rxb=322562 txb=321206 rxe=0 txe=0 rxd=0 txd=0 mc=0 collision=0
re: rxl=0 rxo=0 rxc=0 rxf=0 rxfi=0 rxm=0
te: txa=0 txc=0 txfi=0 txh=0 txw=0
misc rxc=0 txc=0
input_type=0 state=3 arp_entry=0 refcnt=14

FortiGate-50E # diagnose traffictest server-intf lan3
server-intf: lan3

FortiGate-50E # diagnose traffictest client-intf lan4
client-intf: lan4

FortiGate-50E # diag traffictest run
Connecting to host 172.16.17.1, port 162
[ 13] local 172.16.18.1 port 6895 connected to 172.16.17.1 port 162
[ ID] Interval Transfer Bandwidth Retr Cwnd
[ 13] 0.00-1.00 sec 518 MBytes 4.33 Gbits/sec 0 272 KBytes
[ 13] 1.00-2.00 sec 529 MBytes 4.44 Gbits/sec 0 288 KBytes
[ 13] 2.00-3.00 sec 519 MBytes 4.35 Gbits/sec 0 288 KBytes
[ 13] 3.00-4.00 sec 525 MBytes 4.40 Gbits/sec 0 288 KBytes
[ 13] 4.00-5.00 sec 524 MBytes 4.40 Gbits/sec 0 320 KBytes
[ 13] 5.00-6.00 sec 535 MBytes 4.49 Gbits/sec 0 320 KBytes
[ 13] 6.00-7.00 sec 494 MBytes 4.14 Gbits/sec 0 320 KBytes
[ 13] 7.00-8.00 sec 506 MBytes 4.25 Gbits/sec 0 320 KBytes
[ 13] 8.00-9.00 sec 504 MBytes 4.23 Gbits/sec 0 352 KBytes
[ 13] 9.00-10.00 sec 528 MBytes 4.42 Gbits/sec 0 352 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth Retr
[ 13] 0.00-10.00 sec 5.06 GBytes 4.35 Gbits/sec 0 sender
[ 13] 0.00-10.00 sec 5.06 GBytes 4.35 Gbits/sec receiver

iperf Done.
iperf3: interrupt - the server has terminated

FortiGate-50E #
FortiGate-50E # diagnose netlink interface list lan4

if=lan4 family=00 type=1 index=9 mtu=1500 link=0 master=0
ref=12 state=start present fw_flags=0 flags=up broadcast run multicast
Qdisc=pfifo_fast hw_addr=90:6c:ac:55:95:08 broadcast_addr=ff:ff:ff:ff:ff:ff
stat: rxp=0 txp=2 rxb=0 txb=188 rxe=0 txe=0 rxd=0 txd=0 mc=0 collision=0
re: rxl=0 rxo=0 rxc=0 rxf=0 rxfi=0 rxm=0
te: txa=0 txc=0 txfi=0 txh=0 txw=0
misc rxc=0 txc=0
input_type=0 state=3 arp_entry=0 refcnt=12

FortiGate-50E # diagnose netlink interface list lan3

if=lan3 family=00 type=1 index=8 mtu=1500 link=0 master=0
ref=12 state=start present fw_flags=0 flags=up broadcast run multicast
Qdisc=pfifo_fast hw_addr=90:6c:ac:55:95:07 broadcast_addr=ff:ff:ff:ff:ff:ff
stat: rxp=0 txp=2 rxb=0 txb=188 rxe=0 txe=0 rxd=0 txd=0 mc=0 collision=0
re: rxl=0 rxo=0 rxc=0 rxf=0 rxfi=0 rxm=0
te: txa=0 txc=0 txfi=0 txh=0 txw=0
misc rxc=0 txc=0
input_type=0 state=3 arp_entry=0 refcnt=12

FortiGate-50E #

Christian_89 · ‎05-19-2023

Check LAN Cable Connections: Ensure that all LAN cables are securely plugged into the appropriate ports on both the FortiGate device and the connected devices. Loose or damaged cables can result in poor network performance.
Verify LAN Port Configuration: Confirm that the LAN ports on your FortiGate device are configured correctly. Check the interface settings, such as speed and duplex settings, to ensure they are properly aligned with the connected devices.
Disable Unnecessary Services: If you have any unnecessary services or features enabled on the LAN ports, consider disabling them to alleviate any potential performance bottlenecks. For example, disable any unused security profiles or services that may be consuming resources.
Check LAN Port Utilization: Monitor the utilization of the LAN ports to determine if there is a specific device or application causing excessive network traffic. Use FortiGate's built-in monitoring tools or a network monitoring solution to identify any high-bandwidth consumers.
Review Firewall Policies: Examine the firewall policies on your FortiGate device to ensure they are not overly restrictive or causing unnecessary delays in network traffic. Adjust the policies as needed to optimize network throughput.
Update Firmware: Check if there are any available firmware updates for your FortiGate device. Keeping your firmware up to date can address known performance issues and improve overall stability.
Check for Malware or Network Attacks: Perform a thorough scan for malware or network attacks that could be affecting the LAN performance. Use a reliable antivirus and malware detection tool to identify and eliminate any potential threats.
Review QoS and Traffic Shaping Settings: Verify the Quality of Service (QoS) and traffic shaping settings on your FortiGate device. Ensure that they are properly configured to prioritize important traffic and manage bandwidth effectively.
Consider Performance Optimization: Evaluate the overall performance of your FortiGate device and consider optimization techniques such as traffic optimization, WAN optimization, or load balancing, depending on your network setup and requirements.

yahyaflaifel · ‎05-19-2023

there is no configuration, I performed factory rest. no rules, the device is connected directly to the PC.