Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
noc_92
New Contributor II

some times All Current sessions and internal routing are drop

FW.JPG

Hello..

this issue gets sometimes, like peak time. currently, all current sessions are dropped and all firewall internal routing not working, all traffic is dropped. but I can log in to the firewall and do anything in the firewall and CPU and memory are normale..no any other unusual events on the log. 

 

FortiGate 

6 REPLIES 6
Anthony_E
Community Manager
Community Manager

Hello noc_92,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
Anthony_E
Community Manager
Community Manager

Hello noc_92,

 

We are still looking for someone to help you.

We will come back to you ASAP.


Regards,

Anthony-Fortinet Community Team.
gfleming
Staff
Staff

Just need to ask a few questions to understand better. How are you determining this is the FortiGate causing traffic to stop routing?

 

Are you sure it's the FortiGate and not something else? I.e. maybe it's your WAN link? When the issue happens can you still route between two internal interfaces on the FortiGate?

Cheers,
Graham
alnobal
New Contributor

Hi,

I'm getting the same issue.

We have two Fortigates 1801F in HA. 

In the past, the 2 incident only occurred in the same unit. But now, it has ocurred on the other unit.

 

When a unit is the Primary HA, without doing any changes, the communications drops and we have to change to the other node as Primary to recover the service. The only option is reboot the Primary unit to change the HA.

In January was reproduced with the 7.0.9 version. Now, we upgraded to v7.0.10, and with the new version, the incident has returned.

I don't see any error logs.

It seems that the unit doesn't accept new connections, and only works the old connections. For exemple, If I'm connected via GUI when the incident occurs, I can navigate through the GUI, but I can't do ping or connect via SSH.

This incident not occurs always. 

noc_92
New Contributor II

that issue we inform to Fortiget support team they check all logs and debug reports..they say it was an OS bug issue. and they give solution updates to the latest version. and update the os to 7.2.4, but that issue was not fixed that issue came sometimes,

the Fortiget support team checks again and they give us a script to schedule.

they say need to restart the WAD process.

 

----SCRIPT----

config system auto-script
edit "restart_wad"
set interval 43200
set repeat 356
set start auto
set script "diag test app wad 99"
next
end

 

after that issue does not appear again...

 

Manjunathan
New Contributor

Hi,

You can check the status of update static route status in performance sla of your primary and secondary interface. if it is enabled please disable and check the performance. SDWAN-Performance-SLA.jpg

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors