- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
v7.4.3 build2573 (Feature) in this version VPN Showing 0 bytes received.
Hi,
I am using FortiGate 100f, and after the update to v7.4.3 build 2573 (feature), the FortiClient VPN connection showed 0 bytes received. Due to this, I was unable to access my company servers. Can anyone help with this or suggest a required downgrade?
Regards,
M surrender
Sr. System Administrator
- Labels:
-
FortiClient
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @surender
This generally happens when the traffic response is not coming from the destination, so the receive bytes counter does not increases.
You can do the following to troubleshoot :
Take two CLI session and run the following sniffer and debug commands :
CLI 1 :
diagnose sniffer packet any "host x.x.x.x and host y.y.y.y and icmp" 4 0 a
CLI 2 :
diag debug enable
diag debug flow filter proto 1
diag debug flow filter saddr x.x.x.x
diag debug flow filter daddr y.y.y.y
diag debug console timestamp enable
diag debug flow show iprope enable
diag debug flow show function-name enable
diag debug flow trace start 100
diag debug enable
After running these debug commands ping from you remote PC to any internal IP address.
once done use these commands to stop the debugs :
diagnose debug reset
diagnose debug disable
x.x.x.x is the IP address of the FortiClient user which he gets after connecting to the VPN.
y.y.y.y is the IP address of the internal network machine.
You will see the reason behind it.