Hi,
I am using FortiGate 100f, and after the update to v7.4.3 build 2573 (feature), the FortiClient VPN connection showed 0 bytes received. Due to this, I was unable to access my company servers. Can anyone help with this or suggest a required downgrade?
Regards,
M surrender
Sr. System Administrator
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @surender
This generally happens when the traffic response is not coming from the destination, so the receive bytes counter does not increases.
You can do the following to troubleshoot :
Take two CLI session and run the following sniffer and debug commands :
CLI 1 :
diagnose sniffer packet any "host x.x.x.x and host y.y.y.y and icmp" 4 0 a
CLI 2 :
diag debug enable
diag debug flow filter proto 1
diag debug flow filter saddr x.x.x.x
diag debug flow filter daddr y.y.y.y
diag debug console timestamp enable
diag debug flow show iprope enable
diag debug flow show function-name enable
diag debug flow trace start 100
diag debug enable
After running these debug commands ping from you remote PC to any internal IP address.
once done use these commands to stop the debugs :
diagnose debug reset
diagnose debug disable
x.x.x.x is the IP address of the FortiClient user which he gets after connecting to the VPN.
y.y.y.y is the IP address of the internal network machine.
You will see the reason behind it.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.