Dear Experts, I have several questions, please help:
My wifi clients get IP addresses from DHCP relay (configured on FGT) very slowly, and sometimes cannot get an IP at all. I checked Wireshark and the system ARP, and it turned out that the DHCP server offered the new IPs, but the clients could not accept them because of an IP conflict. There was an ARP entry for that IP in the firewall, but it could not be removed automatically. Is there any way to do that?
Our connection from server1 to DB_server (same VLAN) is intermittently slow. In Wireshark, there is no difference between slow and normal conditions. Can you kindly advise how to check?
Sometimes we got a 1-way connection on an H323 VoIP conf call. We already disabled VoIP and H323 inspections, but it did not help. Please advise.
From what you report, it seems that there is more than one DHCP server at work, serving the same address space. What if you disable DHCP relay on the FGT? Will clients still get address leases? If so, check on the client which source it obtained the lease from.
server1 problem: connections between hosts on the same VLAN do not cross the firewall. You may use the FGT sniffer to gain more insight into what happens there:
diag sniffer packet any 'host x.x.x.x and host y.y.y.y and tcp and port zzz' 4 0 l
will enable you to watch the conversation. I'd suspect there are many retries, for whatever reason.
VoIP: one-way connection looks like the RTP UDP session does not work correctly. Either disable the (per default enabled) SIP-sessionhelper and use a VoIP profile, or the other way around. Just don't delete the sessionhelper and use NO VoIP profile.
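The DHCP check suggested in the reply above (is more than one server answering for the same address space?) can also be run against captured traffic. The following is an added example, not part of the original thread: it parses raw DHCP UDP payloads and groups DHCPOFFERs by server identifier (option 54). The function names are hypothetical and the sample packets and addresses (RFC 5737 documentation range) are constructed.

```python
import ipaddress
import struct
from collections import defaultdict

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie, follows the 236-byte BOOTP header
OFFER = 2                    # option 53 value for DHCPOFFER

def parse_dhcp(payload):
    """Return (msg_type, xid, yiaddr, server_id) from a BOOTP/DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    xid = struct.unpack("!I", payload[4:8])[0]
    yiaddr = str(ipaddress.IPv4Address(payload[16:20]))  # address being offered
    msg_type, server_id = None, None
    i = 240
    while i + 1 < len(payload) and payload[i] != 255:    # 255 = end option
        code, length = payload[i], payload[i + 1]
        if code == 0:                                    # pad option, no length byte
            i += 1
            continue
        value = payload[i + 2:i + 2 + length]
        if code == 53 and len(value) == 1:
            msg_type = value[0]
        elif code == 54 and len(value) == 4:
            server_id = str(ipaddress.IPv4Address(value))
        i += 2 + length
    return msg_type, xid, yiaddr, server_id

def servers_offering(payloads):
    """Map each server identifier seen in a DHCPOFFER to the addresses it offered."""
    seen = defaultdict(set)
    for p in payloads:
        msg_type, _xid, yiaddr, server_id = parse_dhcp(p)
        if msg_type == OFFER and server_id:
            seen[server_id].add(yiaddr)
    return dict(seen)

def build_offer(xid, yiaddr, server_id):
    """Constructed sample data: a minimal DHCPOFFER payload (not a real capture)."""
    fixed = struct.pack("!BBBBIHH", 2, 1, 6, 0, xid, 0, 0)          # op..flags
    fixed += bytes(4) + ipaddress.IPv4Address(yiaddr).packed + bytes(8)
    fixed += bytes(16 + 64 + 128)                                   # chaddr, sname, file
    opts = b"\x35\x01\x02\x36\x04" + ipaddress.IPv4Address(server_id).packed + b"\xff"
    return fixed + MAGIC + opts

if __name__ == "__main__":
    offers = [build_offer(0x1234, "192.0.2.50", "192.0.2.1"),
              build_offer(0x1234, "192.0.2.50", "192.0.2.254")]
    print(servers_offering(offers))   # more than one key means more than one server
```

More than one key in the result means several servers are handing out leases; when the offers arrive through a relay, option 54 still identifies the originating server.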